| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
This puts more of the schema restrictions in one place.
Andrew Bartlett
|
| |
|
|
| |
Andrew Bartlett
|
| |
|
|
| |
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This seems like a lot of duplicate work, but by the end we should
have, in normal LDB format, the remote DRS schema, having bootstrapped
it with the locally loaded schema.
The multiple steps are to resolve the problems with references to
schema items that we don't 'yet' know about.
Andrew Bartlett
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
provision
This allows the prefixMap from a DRS server to be used when loading
the schema from the local files. This helps us then import other
schema with this map in place.
Andrew Bartlett
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
|
|
|
|
|
|
| |
We need to use the remote prefix map for the provision schema, or else
we can't decode new, non-standard attributes into OIDs. Then once we
decode that schema, we can try again and get them properly translated.
Andrew Bartlett
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The change here is to try and convert a per the previous rules, but if
we don't know a particular OID as a attributeID, then store it as an
OID (for example). This allows known values to be converted as
before, but still copes with unknown values.
Andrew Bartlett
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This works on the assumption that the schema partition can only
contain schema objects.
We may need to pass down some kind of 'relax' to the DRS -> LDB
conversion code, so that it allows incomplete conversions, so that we
don't fail if a new attribute is present, and we can't decode it.
This would then be resolved the second time we do the conversion.
Andrew Bartlett
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The libnet_vampire code was derived from this code in the first place,
but has continued to evolve, while this code has often bitrotted.
This avoids the needless duplication of the callbacks, while keeping
the toture wrapper.
Andrew Bartlett
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
| |
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
|
|
|
|
|
| |
These are intended to be called from the NET-API-BECOMEDC torture test
to avoid duplication of code.
Andrew Bartlett
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
| |
Signed-off-by: Tim Prouty <tprouty@samba.org>
|
| |
|
|
| |
A bit of refactoring and modified the tests to use encrypted connection so that they pass against Windows unconditionally.
|
| |
|
|
|
|
|
|
|
|
| |
When adding an additional DC as a GC server, the new DC attempts to register its
own gc._msdcs records. If the existing gc._msdcs record is a CNAME, BIND fails
the update with the message "attempt to add non-CNAME alongside CNAME ignored",
and the new DC is not registered as a GC server.
The A & AAAA record types for gc._msdcs have been verified against the DNS
server of a W2K8 DC.
|
| | |
|
| |
|
|
|
|
| |
base dn
Aliases (especially in the "builtin" domain) are often domain-independant.
|
| | |
|
| | |
|
| |
|
|
| |
generated by pidl.
|
| | |
|
| |
|
|
|
| |
The password hash module controls overlapped others. Sorry, but the
"schema_samba4.ldif" hasn't been kept up-to-date.
|
| | |
|
| |
|
|
|
|
| |
command-line options.
This is the first step towards supporting custom test runners.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
than simple messaging callbacks.
|
| |
|
|
| |
This shouldn't happen since SIDs are mandatory for security objects
|
| |
|
|
| |
Mostly cosmetic fixes
|
| |
|
|
|
|
|
| |
hash
Previously, only the conversion from cleartext to the LM hash was deactivated,
and not when the user specified it directly through "dBCSPwd".
|
| | |
|
| | |
|
| |
|
|
|
| |
We could also have no valid SID specified at all and also then we have to
return an empty array with "NT_STATUS_OK". This shows the torture testsuite.
|
| |
|
|
|
|
|
| |
database is corrupted
Group/User/Alias entries do always have a SID (it's a mandatory attribute in the
SAM directory)!
|
| |
|
|
| |
wasn't found
|
| | |
|
| |
|
|
| |
Return "NT_STATUS_NO_SUCH_USER" when user account doesn't exist.
|
| |
|
|
|
|
|
| |
really needed
That means the allocation should move after the lookup (as it is on
"QueryUserInfo"). Return "NT_STATUS_NO_SUCH_DOMAIN" on an invalid domain.
|
| | |
|
| |
|
|
| |
was returned
|
| |
|
|
|
| |
The biggest change consists in the implementation of the Windows Server
return size formula MIN(*r->out.num_entries, 1+(r->in.max_size/SAMR_ENUM_USERS_MULTIPLIER).
|
| |
|
|
|
|
|
| |
"EnumDomainGroups" and "EnumDomainAliases"
That means that the lookup is now also done by "samdb_search_domain" to be more
consistent.
|
| | |
|
| |
|
|
|
|
|
| |
This will allow the libnet_vampire code to manually convert individual
schema objects.
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
| |
There is no need to do a full ldb_match_msg() for a simple case
insensitive string.
Andrew Bartlett
|
| |
|
|
|
|
|
| |
The idea here is to allow some callers to specify a new prefixMap that
will override the values loaded from the prefixMap.txt.
Andrew Bartlett
|
| |
|
|
|
|
| |
This allows it to be specified in either binary or as a string.
Andrew Bartlett
|
| |
|
|
|
|
|
| |
This allows us to push a prefixmap directly into the schema we
generate in the provision code.
Andrew Bartlett
|
