| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)"
in places in the dsdb code where we don't already explicitly set an
error string. This should make is much easier to track down dsdb
module bugs that result in an operations error.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These will be used to help avoid the problem we have with hundreds of
places that do "return LDB_ERR_OPERATIONS_ERROR" without an
explanation. It is very difficult to track down ldb errors which don't
have any explanation.
By replacing "return LDB_ERR_OPERATIONS_ERROR;" with "return ldb_operr(ldb);"
we at least get a file:line message in the ldb error string. It isn't
an ideal error message, but it is much better than just "operations
error"
This change also makes ldb_oom() return the error code
(LDB_ERR_OPERATIONS_ERROR) so you can do:
return ldb_oom(ldb);
instead of:
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
|
| |
|
|
|
| |
this uses the options[] array to pass in bindMech, bindID and
bindSecret. Currently only "simple" is supported.
|
| |
|
|
|
|
|
| |
ldb_options_find() allows backends to find options in the options[]
array passed to the connect operation.
This will be used by the ldb_ldap bind code
|
| |
|
|
|
|
|
|
|
| |
MS-CIFS 2.2.7.4.2 states that FILE_NOTIFY_INFORMATION structures in
change notify replies must be aligned to 4-byte boundaries.
This updates s4 client to check for this restriction and also adds a
torture test which should tickle a server into giving unaligned
structures if it doesn't follow the spec.
|
| |
|
|
|
|
|
| |
> [ 651/1946] Compiling dsdb/samdb/ldb_modules/new_partition.c
> ../dsdb/samdb/ldb_modules/new_partition.c: In function 'new_partition_add':
> ../dsdb/samdb/ldb_modules/new_partition.c:195: warning: 'down_req' may be used uninitialized in this function
The "down_req" variable isn't used anymore.
|
| |
|
|
|
| |
It has to consider the "password_expires" flag to known if the "pwdLastSet" has
to be updated or to be resetted.
|
| |
|
|
|
|
| |
on level 21
Taken from the s3 server code
|
| |
|
|
|
|
| |
"-1" we shouldn't force a password change
This value is set by the ADUC console.
|
| |
|
|
| |
Signed-off-by: Günther Deschner <gd@samba.org>
|
| |
|
|
| |
Guenther
|
| |
|
|
| |
metze
|
| |
|
|
|
|
| |
When importing users from Samba3 we need to control all values.
metze
|
| |
|
|
| |
metze
|
| |
|
|
|
|
|
|
| |
Recently I have found that after vampireing from a clean Windows
server we have the same DNS objects in the ldb. So ldapcmp has to
no longer ignore them.
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
|
| |
|
|
|
|
| |
"winbind struct test"
Use a "talloc_strdup" for duplicating usernames.
|
| |
|
|
| |
Taken from the s3 implementation.
|
| | |
|
| |
|
|
|
|
|
| |
These CARs need to be checked on password change and password reset operations.
Apparently the password attributes are not influenced by Write Property.
Single detele operations and modifications of dBCSPwd are let through to the
password_hash module. This is determined experimentally.
|
| | |
|
| |
|
|
| |
(I've introduced the subtree delete mechanism)
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
resets the minimum password age
This is needed since we on s4 do now use the Windows Server standard of 1 day.
|
| |
|
|
|
|
| |
request
"schemaUpdateNow" on s4 is now a non-op and therefore not strictly needed anymore.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The schema refresh operation itself starts requests from the top of the LDB
modules stack (see call "dsdb_schema_set_attributes" - search operations).
This doesn't work well when these do perform "dsdb_get_schema" calls. Since the
new schema isn't marked as "refreshed" atm (but in fact it still is - we didn't
terminate the reload/refresh yet) we could perform other calls to
"dsdb_schema_refresh" and run into serious trouble (segfault).
|
| | |
|
| |
|
|
|
| |
We already choose the right entry by specifying the right basedn with scope
"LDB_SCOPE_BASE".
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Now we should have fixed all password related tests to cooperate with this value
|
| |
|
|
|
|
| |
default
Which is one day.
|
| |
|
|
|
|
|
|
|
|
| |
After a patch proposal of Nadya and some reflection I think that it's really
worth to change all tests which need a "0" "minPwdAge" to set it manually and
reset the default afterwards.
So we can finally introduce the default "minPwdAge" on provision.
Patch proposal by: Nadya Ivanova
|
| | |
|
| |
|
|
|
| |
This is needed so we can find and free old schemas based using
the cached pointer
|
| |
|
|
| |
Guenther
|
| |
|
|
|
|
| |
fixed several bugs in error handling. the ldb context was used without
being initialised in the error paths, and several error paths did not
set an ldb error string.
|
| |
|
|
| |
We need to use ldap_parse_reference() not ldap_parse_result()
|
| |
|
|
|
|
|
| |
the supportedSASLMechanisms opaque must live for at least as long as
the ldb, or we can crash when the first connection is torn down
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
| |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It was reported by aatanasov that we kept around one whole schema per
modification made. This does not fix that, but I hope moves us closer
to a fix
The most important part of the fix is that:
- if (schema_out != schema_in) {
- talloc_unlink(schema_in, ldb);
- }
was the wrong way around. This is now handled in the schema_set calls.
Andrew Bartlett
|
| |
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
|
|
| |
DSDB_FLAG_NEXT_MODULE flag
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
