summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* s4-vampire: cope with no invocationID when vampiring the schemaAndrew Tridgell2009-09-111-3/+4
|
* s4-drs: fixed the ldap SPN in AddEntryAndrew Tridgell2009-09-111-1/+1
|
* s4-provision: revert _gc_tcp priorityAndrew Tridgell2009-09-111-1/+1
| | | | | thanks to id10ts for spotting this. I was a victim of emacs zone mode, which increaed it with each edit.
* s4-repl: refresh the partitions on each cycleAndrew Tridgell2009-09-112-3/+4
| | | | | The KCC might have changed repsFrom, which is stored in the partitions structure
* s4-smbtorture: fix remaining lsa lookup call unknowns. sorry...Günther Deschner2009-09-111-4/+4
| | | | Guenther
* s4-kcc: add a very simple KCCAndrew Tridgell2009-09-116-1/+535
| | | | | | | A KCC is a 'Knowledge Consistency Checker', a fancy name for a daemon that works out who will replicate with who in a AD domain. This implements an extremely simple KCC task that just wants to replicate with everyone :-)
* s4-repl: don't update replPropertyMetaData for non-replicated attributesAndrew Tridgell2009-09-111-0/+7
| | | | thanks to Metze for spotting this
* s4-idl: added the IDL for the DsReplica* callsAndrew Tridgell2009-09-111-9/+9
|
* lsa: fill in more unknowns in lsa_LookupSid calls.Günther Deschner2009-09-112-10/+10
| | | | Guenther
* s4:ldb_map_outbound - fix memory leakMatthias Dieter Wallnöfer2009-09-111-0/+2
| | | | | Patch from Andrew Kroeger wasn't fully correct - we need a "talloc_free" after the "if (ac->r_current == NULL)" statement.
* s4-repl: on every ldb modify we need to update replPropertyMetaDataAndrew Tridgell2009-09-111-8/+171
| | | | | | Every time we change a ldb object with the repl_meta_data module loaded we need to update the replPropertyMetaData attribute to fix the timestamps and USNs of the attributes being changed.
* s4-repl: don't add the RDN if it is already thereAndrew Tridgell2009-09-111-3/+19
|
* s4-ldb: don't remove a message element beyond the end of the arrayAndrew Tridgell2009-09-111-0/+4
|
* s4-provision: use DNS name, not domain nameAndrew Tridgell2009-09-112-2/+3
| | | | The SPNs end in the DNS domain name
* s4-drs: actually call the new drsuapi_add_SPNs() codeAndrew Tridgell2009-09-111-2/+2
| | | | An early return here didn't do any good :-)
* s4-drs: add the magic DRS SPNs on AddEntryAndrew Tridgell2009-09-112-27/+122
| | | | | When a DsAddEntry is used to create a nTDSDSA object we need to also create the SPNs for the NTDS GUID in the servers machine account.
* s4/provision: add the nTDSDSA GUID based DNS entries and SPNsAndrew Tridgell2009-09-113-12/+27
| | | | | | The DNS entries and SPNs are needed for samba<->samba DRS replication. This patch adds them for a standalone DC configure. A separate patch will add them for the vampire configure
* s4/drs: parentGUID needs to be specififcally asked forAndrew Tridgell2009-09-111-1/+2
| | | | | | Right now parentGUID is a normal attribute in s4, but it should be generated, which means we need to ask for it in a search if we want to use it.
* s4/libcli: when we get a DNS lookup failure show the nameAndrew Tridgell2009-09-111-0/+2
| | | | | When tracking down complex connection problems its useful knowing what name lookups failed.
* s4/tort: RPC-DRSUAPI test case refactored to match torture architectureKamen Mazdrashki2009-09-112-68/+74
|
* s4/tort: code clean up using torture_drsuapi_assert_call() macroKamen Mazdrashki2009-09-111-132/+36
| | | | | After this change, when a test fails, it gives reasonable failure message.
* s4/tort: assert macro for drsuapi dcerpc callKamen Mazdrashki2009-09-111-0/+26
| | | | | The macro actually wraps common code pattern used in almost every test for DRSUAPI interface
* s4/tort: Propagate torture_context and use torture_commentKamen Mazdrashki2009-09-111-66/+79
| | | | | NOTE: Not every place where printf is used is replaced by torture_comment. Future work shall "missed" printfs also.
* s4:setup Updated Display Specifiers from Microsoft (with #s)Andrew Bartlett2009-09-115-91/+30
| | | | | | | | This fixes the issue with the original files that they didn't have a leading # in front of the comments, which caused our parsing scripts much pain. The files are now exactly as delivered. Andrew Bartlett
* s4:ldb_map: Don't free ares too early.Andrew Kroeger2009-09-111-3/+3
| | | | | As found when running "make test" with the MALLOC_CHECK_ and MALLOC_PERTURB_ environment variables set.
* s4/tort: CRACKNAMES tests to use private structure for testing.Kamen Mazdrashki2009-09-111-2/+33
| | | | | DsCrackNamesPrivate structure basically inherits DsPrivate structure while adding few test-specific members.
* s4/tort: Make common setup/teardown drsuapi test funcs really commonKamen Mazdrashki2009-09-111-13/+6
|
* s4/tort: CrackNames test update to work against W2K3.Kamen Mazdrashki2009-09-111-0/+4
| | | | | | DRSUAPI_DS_NAME_FORMAT_UKNOWN added to 'known-to-fail' responses as this actually means to ask AD to resolve a name from FQDN format to Unknown format.
* s4:srvsvc: Fix logic on error checking.Andrew Kroeger2009-09-101-6/+6
|
* s4:pwsettings: Added blackbox tests.Andrew Kroeger2009-09-101-0/+2
| | | | | | The added tests include basic validation that the script runs and accepts all custom arguments. The tests also verify changes to the password complexity, minimum password length, and minimum password length settings.
* s4:pwsettings: Show default values in help messages.Andrew Kroeger2009-09-101-4/+4
|
* s4:pwsettings: Add 'default' option for password complexity.Andrew Kroeger2009-09-101-2/+2
|
* s4:pwsettings: Added validation.Andrew Kroeger2009-09-101-4/+26
| | | | | | | | | | Validate that each field is within its allowed range. Also validate that the maximum password age is greater than the minimum password length (if the maximum password age is set). I could not find these values documented anywhere in the WSPP docs. I used the values shown in the W2K8 GPMC, as it appears that the GPMC actuaally performs the validation of values.
* s4:pwsettings: Don't assume a value for pwdProperties.Andrew Kroeger2009-09-101-2/+2
| | | | | | | If we cannot retrieve the value, do not assume a particular value. The fact that we could not retrieve the value indicates a larger problem that we don't want to make worse bypossibly clearing bit fields in the pwdProperties attribute.
* s4:pwsettings: Run all updates as a single modify() operation.Andrew Kroeger2009-09-101-31/+19
| | | | | | This ensures that all changes are made, or none are made. It also makes it possible to do validation as we go and abort in case of an error, while always leaving things in a consistent state.
* s4:pwsettings: Added --quiet option.Andrew Kroeger2009-09-101-16/+17
| | | | | Also changed all non-error status output to use the message() function, which respects the --quiet option.
* s4:netlogon - Put the "supported encryption types" more back in the ↵Matthias Dieter Wallnöfer2009-09-101-6/+8
| | | | | | "LogonGetDomainInfo" call They're needed only at the end.
* Revert "s4: Let the "setpassword" script finally use the ↵Matthias Dieter Wallnöfer2009-09-102-70/+9
| | | | | | | | | "samdb_set_password" routine" This reverts commit fdd62e9699b181a140292689fcd88a559bc26211. abartlet and I agreed that this isn't the right way to enforce the password policies. Sooner or later we've to control them anyway on the directory level.
* s4/torture: fixed lots of crash bugs in the DRS testsAndrew Tridgell2009-09-101-17/+19
|
* s4:provision Only delete SASL mappings with Fedora DS, not OpenLDAPAndrew Bartlett2009-09-101-31/+30
| | | | | | | | We need to be more careful to do the cleanup functions for the right backend. In future, these perhaps should be provided by the ProvisionBackend class. Andrew Bartlett
* s4/drs: enable attribute encryptionAndrew Tridgell2009-09-101-6/+41
| | | | | This means we now get passwords vampired correctly for s4<->s4 replication.
* s4: kludge_acl needs to be above repl_meta_dataAndrew Tridgell2009-09-101-2/+2
| | | | | We have to bypass kludge_acl in replication as otherwise we aren't allowed access to the password entries
* s4/repl: give a useful error message if we can't decode an objectAndrew Tridgell2009-09-101-1/+4
|
* s4/drs: changed the UpdateRefs server to use the dn instead of the GUIDAndrew Tridgell2009-09-101-27/+18
| | | | | | | | | Our vampire code sends a zero GUID in the updaterefs calls. Windows seems to ignore the GUID and use the DN in the naming context instead, so I have changed our UpdateRefs server implementation to do the same. With this change we can now vampire from s4<->s4 successfully! Now to see if all the attributes came across correctly.
* s4/drs: correctly fill in the GUID of DRS objectsAndrew Tridgell2009-09-101-1/+1
|
* s4: fix spellingAndrew Tridgell2009-09-101-1/+1
|
* s4/provision: another fix for breakage from b1dabb1133Andrew Tridgell2009-09-101-6/+8
|
* s4:provision Don't reference provision_backend when using LDBAndrew Bartlett2009-09-101-1/+3
| | | | | | This broke in Endi's patch for Fedora DS support Andrew Bartlett
* s4/torture: don't mix declarations and codeAndrew Tridgell2009-09-101-22/+22
|
* s4/schema: teach the schema_syntax code how to encode/decode more attributesAndrew Tridgell2009-09-101-0/+104
| | | | | | | We were trying to encode strings like 'top' as integers, without first looking them up in our schema. We need special handling for all the attributes that contain attributeID_id or governsID_id fields that should be translated first before encoding.
generated by cgit (git 2.34.1) at 2024-09-30 02:18:29 +0000