| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We were getting build test 'pass' on the build farm when the provision
is failing. The cause was the use of filter pipelines in the selftest
code in the makefile. A bourne shell will by default report the error
status of the last element of the pipeline, which means when provision
failed, make thought everything had passed.
We could use the bash 'pipefail' option to fix this, but it isn't
portable, so instead I've modified the makefile to touch st/st_done
when the first element in the pipeline completes successfully. That
means we now get errors in make test, at the expense of making the
makefile even more horrible than it was.
|
| |
|
|
| |
Should finally fix bug #6136 ("groupType", "sAMAccountType" ... attributes).
|
| |
|
|
|
| |
the changes from Matthias didn't take account of url and lp being None
in some ldb python instances in 'make test'
|
| |
|
|
|
|
|
|
|
|
| |
- Centralise the lookups for the default domain (root) in the call "domain_dn"
- Reduce the LDB connections attempts ("connect" calls) from three to one
- tools should load faster
- Make the LDB connection init more like the "ldb_wrap_connection" call
- Load the right UTF8 casefolder which fixes up problems with special characters
(discovered by me: e.g. small "Umlaute" (ä, ö, ü, ...) in the DN weren't upcased
- so records "seemed" lost in TDB)
|
| |
|
|
| |
the call "domain_dn" from SamDB
|
| |
|
|
| |
Needed for special characters (e.g. in German "Umlaute")
|
| |
|
|
| |
right way
|
| |
|
|
|
|
|
| |
This reverts commit 53ef426e6f68728763436bd0cd3dd91180c00579.
As abartlet pointed out this causes to load all attributes and therefore gives
us more here than we need (only the check for the DN)!
|
| | |
|
| |
|
|
|
|
| |
my last patch was not even close ...
I'll leave abartlet to work out how to fix the test case
|
| |
|
|
|
|
| |
Andrew, can you please check this? The idmap.setup_name_mapping tests
look totally out of place here. I'm also not sure I captured your
intention with the other changes
|
| |
|
|
| |
metze
|
| |
|
|
|
| |
The autoidl test is not needed now that we have IDL source
available. It also generates a lot of errors in the logs.
|
| | |
|
| |
|
|
|
|
|
| |
Hopefully this will explain a bit more whey things are done the way
that they are done.
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
| |
The Samba4 schema code (called via
samdb.set_schema_from_ldb(schema.ldb)) manages the @ATTRIBUTES and
@INDEXLIST records, so don't wipe them early. The chances are that we
will not change them anyway.
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
| |
This triggered a failure in the updateNow schema test, as the current
global schema was not being updated when a new schema element was
added
|
| |
|
|
|
|
|
|
| |
The expression time.strftime("%s", time.gmtime())[3:] leads to a
string with a leading 0. When added then read back from the prefix map
this leads to a different string, so it is never found.
Use the simpler str(random.randint(a,b)) expression instead
|
| |
|
|
|
|
|
|
|
| |
The extra filter is no use for 'testenv', as we are not running tests,
but an xterm. The filter also breaks running 'GDB_PROVISION=yes make
test', but at least if we can run 'GDB_PROVISION=yes make testenv'
then we can debug provision.
Andrew Bartlett
|
| |
|
|
|
|
|
| |
It is a pretty odd thing to do, and it's only because of the
restrictions of DIGEST-MD5 in Cyrus SASL that we do it.
Andrew Bartlett
|
| |
|
|
|
|
| |
Found by Oliver Liebel <oliver@itc.li>
Andrew Bartlett
|
| |
|
|
|
|
| |
Spotted by MICHAEL BROWN <mbrown@mesainc.com>
Andrew Bartlett
|
| |
|
|
|
|
|
| |
This makes no sense, and just causes trouble - we are aiming for
DIGEST-MD5 or NTLM.
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
|
| |
This should make setting up LDAP servers more predictable.
When not specified, it is random
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
| |
This fixes the recursive delete in erase_partitions()
For reasons I cannot understand, it is possible to get 'no such
object' trying to delete a DN I just search for without error. Oh
well...
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
| |
Using a single transaction to both erase the bulk of the data and the
rebuild of that data means that the in-memory index list is
maintained, and not written out to disk until it is all compleated.
All the writes then occour at the end.
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This removes a *lot* of duplicated code and the cause of much
administrator frustration. We now handle starting and stopping the
slapd (at least for the provision), and ensure that there is only one
'right' way to configure the OpenLDAP and Fedora DS backend
We now run OpenLDAP in 'cn=config' mode for online configuration.
To test what was the provision-backend code, a new --ldap-dryrun-mode
option has been added to provision. It quits the provision just
before it would start the LDAP binaries
Andrew Bartlett
|
| |
|
|
| |
(These will be added back in a future commit)
|
| |
|
|
|
|
|
|
| |
We now set these as part of the schema load, and we now load the
schema before the provision loads the DB, so setting them here is
pointless
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes it possible to do a bit more of the provision with Samba
helpers, but without some of the otherwise useful things (such as
loading in the global schema) that SamDB does.
Rewrite provision_erase to use a recursive search, rather than a
looping subtree search. This is much more efficient, particularly now
we have one-level indexes enabled.
Delete the @INDEX and similar records *after* deleting all other
visible records, this hopefully also assists performance.
Andrew Bartlett
|
| |
|
|
|
|
|
| |
This helps ensure we don't load the schema too often in the provision
(allowing a reference in of the schema before the modules load).
Andrew Bartlett
|
| |
|
|
|
|
|
| |
We need to find a better way to apply this (used in the Fedora DS LDAP
backend), not by trying to tunnel this down the module stack.
Andrew Bartlett
|
| |
|
|
|
|
|
|
| |
This allows us to load the schema against one ldb context, but apply
it to another. This will be useful in the provision script, as we
need the schema before we start the LDAP server backend.
Adnrew Bartlett
|
| | |
|
| | |
|
| |
|
|
|
| |
Either the username or the filter are allowed. If both are given the filter is
going to be used due to a higher precedence.
|
| | |
|
| |
|
|
| |
one-line wrapper)
|
| |
|
|
|
| |
With the previous check I got random failures when trying to connect to the
LDAP server.
|
| |
|
|
|
|
|
|
| |
This corrects commit 7a82aed71b74af8bc2a8a4381541adbb22452d20. The
steal did not set ent->attributes, so it was incorrect to assign to
ent->attributes.
Andrew Bartlett
|
| |
|
|
|
|
|
|
| |
This talloc_steal also conflicts with the ldb_map code, and like the
previous commit, is rudundent given the talloc_steal of the whole msg
above.
Andrew Bartlett
|
| |
|
|
|
|
|
|
| |
There may or may not be a need to take a reference to the 'name' in
the ldb_map code, but given we seal the whole msg just above here, it
makes no senst to steal the name, but not the values.
Andrew Bartlett
|
| |
|
|
|
|
| |
I want to use this in source3/smbd/
metze
|
| |
|
|
|
|
| |
This will hold code that's shared between source3 and source4.
metze
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Tests for the right behaviour of this introduced constructed attribute.
Since we don't support the read-only-ness of those attributes yet, I commented
some lines out.
Also I had to add a function for python which converts domain SIDs in RIDs.
And a small fix for the "groupType" test.
|
