summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* s4-rpc: added NDR64 supportAndrew Tridgell2009-09-175-7/+31
| | | | This adds support for the nd464 binding string option
* spnego: Support ASN.1 BIT STRING and use it in SPNEGO.Kouhei Sutou2009-09-171-2/+4
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* s4:descriptor module - Revert and const fixupsMatthias Dieter Wallnöfer2009-09-171-7/+18
| | | | | | - Revert a change introduced by me since I didn't understood the meaning of the version check - Added some "const" to suppress compiler warnings
* s4:descriptor - cosmeticMatthias Dieter Wallnöfer2009-09-171-1/+1
|
* s4:libnet_become_dc - Fix some uninitialised variablesMatthias Dieter Wallnöfer2009-09-171-3/+3
|
* s4:provision - Some reworkMatthias Dieter Wallnöfer2009-09-1712-23610/+23878
| | | | | | | | | | - Add/change "wellKnownObjects" attributes - Order entries in "provision_basedn_modify.ldif" - Add/change "delete entries" object under BASEDN and CONFIGDN - Fix default version number of "Default domain policy" group policy - Add "domain updates" objects for interoperability with MS AD maintaining tools - Show version number in the "oEMInformation" attribute (suggested by ekacnet) - Smaller fixups
* s4/domain behaviour flags: Fix them up in various locationsMatthias Dieter Wallnöfer2009-09-174-16/+10
| | | | | | | | | | Additional notes: - Bump the level to Windows Server 2008 R2 (we should support always the latest version - if we provision ourself) - In "descriptor.c" the check for the "domainFunctionality" level shouldn't be needed: ACL owner groups (not owner user) are supported since Windows 2000 Server (first AD edition) - I took the argument from: http://support.microsoft.com/kb/329194
* s4/python: flagsMatthias Dieter Wallnöfer2009-09-172-9/+83
| | | | | - Introduce the "userAccountControl", "groupType" and "sAMAccountType" flags - Corrects the "domain/forestFunctionality" and "domainControllerFunctionality" flags
* util_smb: For some (unknown) reason the previous patch changed the ↵Matthias Dieter Wallnöfer2009-09-131-0/+0
| | | | permissions - Reset them
* Port the Samba 4 shm_setup to QNX.Matt Kraai2009-09-131-0/+18
|
* idl: added DsExecuteKCC IDLAndrew Tridgell2009-09-171-3/+3
|
* spnego: share spnego_parse.Günther Deschner2009-09-174-475/+2
| | | | Guenther
* Owner and group defaulting.Nadezhda Ivanova2009-09-166-58/+598
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* Tests for descriptor inheritanceZahari Zahariev2009-09-163-1/+1613
| | | | | Signed-off-by: Nadezhda Ivanova <nadezhda.ivanova@postpath.com> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:kdc In the kpasswd server, don't use the client address in mk_privAndrew Bartlett2009-09-161-0/+8
| | | | | | | | | | This code eventually calls into mk_priv in the Heimdal code, and if the client is behind NAT, or somehow has an odd idea about it's own network addresses, it will fail to accept this packet if we set an address. It seems easiser not to. (Found by testing with NetAPP at plugfest) Andrew Bartlett
* s4:rpc_server netgotiate max xmit size with RPC clientAndrew Bartlett2009-09-161-2/+2
| | | | | | | | Testing against NetAPP showed that clients can object to being told a larger max xmit fragment size than they negotiated. Choose the minimum of the server and client values. Andrew Bartlett
* s4-repl: raise a debug levelAndrew Tridgell2009-09-161-1/+1
|
* s4-dsdb: treat uSNHighest as 0 if @REPLCHANGED doesn't existAndrew Tridgell2009-09-161-0/+8
| | | | When a partition is first created it still needs a uSNHighest value
* libcli/auth: rewrite schannel sign/seal code to be more genericStefan Metzmacher2009-09-161-33/+56
| | | | | | This prepares support for HMAC-SHA256/AES. metze
* s4-repl: take advantage of async RPC forwardingAndrew Tridgell2009-09-152-26/+7
| | | | This uses async RPC forwarding for the DsReplicaSync call
* s4-rpc: added a module for forwarding RPC requestsAndrew Tridgell2009-09-153-9/+116
| | | | | | | | dcesrv_irpc_forward_rpc_call() can be used to forward an arbitrary RPC request to another task in Samba4, with the return being handled asynchronously. This is useful for forwarding DRS requests to the repl or kcc tasks
* s4-drs: lock down key DRS callsAndrew Tridgell2009-09-154-22/+54
| | | | | The key DRS calls should only be allowed by administrators or domain controllers
* s4-security: added a new security level SECURITY_DOMAIN_CONTROLLERAndrew Tridgell2009-09-152-0/+10
| | | | | This will be used as a simple way to lock down DRS replication to administrators and domain controllers
* s4-ldb: ldap attribute names can contain a '.'Andrew Tridgell2009-09-151-1/+2
| | | | When they are of the form of OIDs
* s4-ldb: expose ldb_transaction_prepare_commit() in ldbAndrew Tridgell2009-09-153-21/+64
| | | | | It is useful to be able to control the 2 phase commit from application code (s4 replication uses it)
* s4-repl: don't do double replicationAndrew Tridgell2009-09-154-6/+44
| | | | | | | | When we replicate from a remote DC, we need to note the new uSN that the local changes have resulted in, and modify the uSN that the notify task uses to determine if it should send a ReplicaSync message back to the remote DC. Otherwise we end up always triggering a ReplicaSync every time we replicate from another DC
* s4-drs: filter based on local_usnAndrew Tridgell2009-09-151-1/+1
| | | | | The getncchanges uSN is in our local space, so we must compare it to the local_usn in replPropertyMetaData
* s4-repl: make sure we marshal the replPropertyMetaData after the last changeAndrew Tridgell2009-09-151-10/+10
| | | | | we were setting local_usn after the marshall, so it wasn't going into the object
* s4-dsdb: use DLIST_ADD() not DLIST_ADD_END()Andrew Tridgell2009-09-152-4/+4
| | | | | | Using DLIST_ADD_END() to construct a long list is very inefficient (it is O(n^2). These lists are not ordered, so using DLIST_ADD() is much better.
* s4-ldb: cope better with corruption of tdb recordsAndrew Tridgell2009-09-154-5/+30
| | | | | | | | | When doing an indexed search if we hit a corrupt record we abandoned the indexed search and did a full search. The problem was that we might have sent some records to the caller already, which means the caller ended up with duplicate records. Fix this by returning a search error if indexing returns an error and we have given any records to the caller.
* s4-repl: add a debug to make it easier to monitor replicationAndrew Tridgell2009-09-151-0/+5
|
* schannel: move schannel_sign to main directory.Günther Deschner2009-09-165-313/+5
| | | | Guenther
* s4-schannel: try to fix the build.Günther Deschner2009-09-161-1/+1
| | | | Guenther
* s4-schannel: first step of decoupling schannel from gensec.Günther Deschner2009-09-162-20/+51
| | | | Guenther
* s4-schannel: strip trailing whitespace.Günther Deschner2009-09-161-36/+36
| | | | Guenther
* s4:schema Add code to provide an index into the subClass treeAndrew Bartlett2009-09-152-1/+27
| | | | | | | In time, this should avoid the astounding (order) complexity of the objectclass sorting in objectclass.c eventually. Andrew Bartlett
* libcli:nbt make the lmhosts parsing code and dependicies commonAndrew Bartlett2009-09-152-43/+1
| | | | | | This starts the process to have Samba4 use lmhosts. Andrew Bartlett
* s4:heimdal_build: fix one more problem with automatic dependeciesStefan Metzmacher2009-09-151-1/+1
| | | | metze
* s4:provision Prevent some invalid combinations of realm and domainAndrew Bartlett2009-09-141-0/+9
| | | | | | | | We don't do well (even just trying to create duplicate servicePrincipalName values) with some of these combinations, so kill it off early before the administrator thinks it's going to work. Andrew Bartlett
* s4: Script to build or rebuild extend DN attributesMatthieu Patou2009-09-141-0/+141
| | | | | This script can be used to upgrade a provision that didn't integrate extended dn. It can also be used to add missing extended DN that weren't created during provision.
* Torture test for bug 6529 - Offline files conflict with Vista and Office 2003.Jeremy Allison2009-09-141-0/+131
| | | | | Ensure we don't regress. Jeremy.
* s4-repl: handle rename in repl_meta_dataAndrew Tridgell2009-09-141-0/+97
| | | | | On a rename we need to update uSNChanged, and the max uSN for the partition
* s4-drs: allow replication of renamesAndrew Tridgell2009-09-141-6/+7
| | | | a rename may have no attribute changes
* s4-repl: fixed a memory error handling linked attributesAndrew Tridgell2009-09-141-10/+10
| | | | | We could get a double free with multiple linked attributes in a message
* s4-repl: fall back to repsFrom if repsTo not setAndrew Tridgell2009-09-141-2/+4
| | | | | | | Windows does not seem to be always setting up repsTo using DsUpdateRefs(). For now we will fall back to using repsFrom if repsTo is empty. This is almost certainly incorrect, but it does get notification based replication working with both w2k3 and w2k8.
* pyldb: Don't segfault when invalid type is specified to Dn.get().Jelmer Vernooij2009-09-142-2/+14
| | | | (#6722)
* dsdb: the samba3 ldap schema has no sambaAccountPolicy (any more at least)Michael Adam2009-09-141-1/+0
| | | | Michael
* s4:heimdal_build: fix the build with --enable-automatic-dependenciesStefan Metzmacher2009-09-141-1/+1
| | | | | | We need to create the header file before we generate the source file. metze
* s4:heimdal_build Fix build breakages caused by asn1compile changeAndrew Bartlett2009-09-131-2/+1
| | | | | | | The issue was that we referenced an asn1compile generated file by name, not by the subsystem is was generated by. Andrew Bartlett
* s4:heimdal_build Love pointed me at the --one-code-file option to asn1_compileAndrew Bartlett2009-09-131-32/+17
| | | | | | | This new option avoids a lot of code that was used to intuit what files would be output by the compiler. Andrew Bartlett
generated by cgit (git 2.34.1) at 2025-09-25 22:36:08 +0000