Stefan Metzmacher [Thu, 22 Dec 2005 18:21:19 +0000 (18:21 +0000)]
r12435: the max wins ttl is 6 days in windows and samba3
metze
Stefan Metzmacher [Thu, 22 Dec 2005 11:40:14 +0000 (11:40 +0000)]
r12434: implement database scavenging, the only missing part is the verifying of active replicas
with the owning wins server, after the verify interval passes.
metze
Andrew Bartlett [Thu, 22 Dec 2005 11:26:41 +0000 (11:26 +0000)]
r12433: Add comment describing this function.
Andrew Bartlett
Andrew Bartlett [Thu, 22 Dec 2005 11:26:12 +0000 (11:26 +0000)]
r12432: Re-indent and consistantly cancel the transaction.
Andrew Bartlett
Stefan Metzmacher [Thu, 22 Dec 2005 11:13:05 +0000 (11:13 +0000)]
r12431: - the TIME_T_MAX needs to be a singed max value
- fix the calculation of TIME_T_MAX -> nttime -> TIME_T_MAX
metze
Andrew Bartlett [Thu, 22 Dec 2005 09:58:51 +0000 (09:58 +0000)]
r12430: Clarify libnet_join code. Add/fix comments.
Andrew Bartlett
Stefan Metzmacher [Thu, 22 Dec 2005 09:56:14 +0000 (09:56 +0000)]
r12429: make static records always active with a max expire time
metze
Stefan Metzmacher [Thu, 22 Dec 2005 09:37:21 +0000 (09:37 +0000)]
r12428: releases on 0x1D names are ignored
metze
Andrew Bartlett [Thu, 22 Dec 2005 09:32:26 +0000 (09:32 +0000)]
r12427: Move SAMR CreateUser2 to transactions, and re-add support for
different computer account types. (Earlier code changes removed the
BDC case).
We don't use the TemplateDomainController, so just have a
TemplateServer in provision_templates.ldif
Andrew Bartlett
Stefan Metzmacher [Thu, 22 Dec 2005 08:41:02 +0000 (08:41 +0000)]
r12426: w2k3 refused 0x1B names registered as group names
metze
Stefan Metzmacher [Thu, 22 Dec 2005 08:27:10 +0000 (08:27 +0000)]
r12425: match w2k3 and store 0x1D names when they're registered as group name,
but queries still give not found
metze
Stefan Metzmacher [Thu, 22 Dec 2005 08:13:17 +0000 (08:13 +0000)]
r12424: static records should not be released
metze
Andrew Bartlett [Thu, 22 Dec 2005 06:58:26 +0000 (06:58 +0000)]
r12423: Remove DEBUG(0) printouts in favor of more information to the caller.
I assume this works better with SWAT and the like anyway.
Andrew Bartlett
Andrew Bartlett [Thu, 22 Dec 2005 06:50:04 +0000 (06:50 +0000)]
r12422: Some kerberos comments and clarifications.
Andrew Bartlett
Andrew Bartlett [Thu, 22 Dec 2005 06:47:00 +0000 (06:47 +0000)]
r12421: Handle the case where we are a joining as different account types far better.
Andrew Bartlett
Stefan Metzmacher [Wed, 21 Dec 2005 23:05:32 +0000 (23:05 +0000)]
r12413: do some testing with 0x1E names
metze
Stefan Metzmacher [Wed, 21 Dec 2005 23:03:51 +0000 (23:03 +0000)]
r12412: - the 0x1E name must be registered as group name
- reject wins registration with a static record in the database
metze
Andrew Bartlett [Wed, 21 Dec 2005 22:02:52 +0000 (22:02 +0000)]
r12411: Add 'net samdump keytab <keytab>'.
This extracts a remote windows domain into a keytab, suitable for use
in ethereal for kerberos decryption.
For the moment, like net samdump and net samsync, the 'password
server' smb.conf option must be set to the binding string for the
server. eg:
password server = ncacn_np:mypdc
Andrew Bartlett
Stefan Metzmacher [Wed, 21 Dec 2005 20:25:43 +0000 (20:25 +0000)]
r12408: as we always add the destinguishedName as autogenerated value,
don't store it on disk, as this would cause confusing results
metze
Volker Lendecke [Wed, 21 Dec 2005 09:08:38 +0000 (09:08 +0000)]
r12405: I'm afraid I can't take care of the xplogin test in the near future, so remove
it.
I'll add it again later when I have more time for it.
Volker
Jelmer Vernooij [Tue, 20 Dec 2005 14:15:35 +0000 (14:15 +0000)]
r12397: Change the 'samba4' prefix in the Debian packages back to 'samba'
Stefan Metzmacher [Tue, 20 Dec 2005 00:55:28 +0000 (00:55 +0000)]
r12391: use the new periodic schedule system for the pull replication too
metze
Stefan Metzmacher [Tue, 20 Dec 2005 00:33:41 +0000 (00:33 +0000)]
r12388: fix debug messages
metze
Stefan Metzmacher [Tue, 20 Dec 2005 00:06:31 +0000 (00:06 +0000)]
r12385: call pidl with the perl found by configure
metze
Andrew Bartlett [Tue, 20 Dec 2005 00:02:08 +0000 (00:02 +0000)]
r12384: I can't spell...
Andrew Bartlett [Tue, 20 Dec 2005 00:00:48 +0000 (00:00 +0000)]
r12383: Fixes for Apple's AD client. Don't segfualt in the KDC, and they
require the isSynchronized flag in the rootDSE.
Andrew Bartlett
Andrew Bartlett [Mon, 19 Dec 2005 23:43:17 +0000 (23:43 +0000)]
r12382: Ensure to return OK on anonymous mapping.
Andrew Bartlett
Andrew Bartlett [Mon, 19 Dec 2005 23:29:47 +0000 (23:29 +0000)]
r12381: Try not to segfault on an anonymous LDAP bind, and map to a guest login.
Andrew Bartlett
Stefan Metzmacher [Mon, 19 Dec 2005 23:17:10 +0000 (23:17 +0000)]
r12380: add a wraper script that calls the perl scripts in heimdal_build/
with the correct perl version, that was detected with configure
metze
Stefan Metzmacher [Mon, 19 Dec 2005 23:14:13 +0000 (23:14 +0000)]
r12379: export the detected perl
metze
Stefan Metzmacher [Mon, 19 Dec 2005 23:13:12 +0000 (23:13 +0000)]
r12378: fix perl warnings
metze
Andrew Bartlett [Mon, 19 Dec 2005 22:37:46 +0000 (22:37 +0000)]
r12373: Add RPC-JOIN as a test to always run.
Andrew Bartlett
Stefan Metzmacher [Mon, 19 Dec 2005 21:52:37 +0000 (21:52 +0000)]
r12372: - make the periodic scheduling a bit easier, instead of passing
an uint32_t next_interval everywhere, we now call wreplsrv_periodic_schedule()
if we want to schedule an event
- also prevent us from looping with a 0 interval, by using 1s as minimum interval
metze
Stefan Metzmacher [Mon, 19 Dec 2005 21:19:14 +0000 (21:19 +0000)]
r12370: - if we got a reply without a pending request, mark the socket as dead
instead of segfaulting
metze
Stefan Metzmacher [Mon, 19 Dec 2005 17:10:18 +0000 (17:10 +0000)]
r12364: add UINT32_MAX and UINT64_MAX replacement defines
(hopefully fix the build on OpenBSD)
metze
Andrew Tridgell [Mon, 19 Dec 2005 11:50:28 +0000 (11:50 +0000)]
r12363: minor fixes for win2000 join/login
- the objectClass needs to be added to the list of attributes to make
the check for objectClass=computer work
- the short version of the name needs to be used for the 'cn' in
cracknames
Andrew Bartlett [Mon, 19 Dec 2005 07:11:58 +0000 (07:11 +0000)]
r12362: Along with a cracknames change in the previous commit, this should
allow Win2000 machines to again use kerberos with Samba4.
Andrew Bartlett
Andrew Bartlett [Mon, 19 Dec 2005 07:07:11 +0000 (07:07 +0000)]
r12361: Add a new function: ldb_binary_encode_string()
This is for use on user-supplied arguments to printf style format
strings which will become ldb filters. I have used it on LSA, SAMR
and the auth/ code so far.
Also add comments to cracknames code.
Andrew Bartlett
Andrew Bartlett [Mon, 19 Dec 2005 06:56:45 +0000 (06:56 +0000)]
r12360: Add simple bind support into our LDAP server.
Needs changes to our client code for automated testing.
Andrew Bartlett
Andrew Bartlett [Sun, 18 Dec 2005 22:50:01 +0000 (22:50 +0000)]
r12327: ENT_TYPE_ANY isn't used anywhere in Samba4, so don't implement it in hdb-ldb.
Andrew Bartlett
Stefan Metzmacher [Sun, 18 Dec 2005 22:28:41 +0000 (22:28 +0000)]
r12325: - remove the hostcc object files with make clean
- move the .SUFFIXES statement before the suffix rules
this fixes the build with bsd make
metze
Andrew Tridgell [Sun, 18 Dec 2005 22:28:12 +0000 (22:28 +0000)]
r12324: use command line credentials if available in ldap.js
Andrew Tridgell [Sun, 18 Dec 2005 22:27:26 +0000 (22:27 +0000)]
r12323: fixeed the use of options.get_credentials() for ldb
Andrew Tridgell [Sun, 18 Dec 2005 22:14:14 +0000 (22:14 +0000)]
r12322: automatically use cmdline_credentials if the ldb object doesn't have
its own credentials element
Andrew Bartlett [Sun, 18 Dec 2005 21:44:43 +0000 (21:44 +0000)]
r12320: Add command-line processing hooks for simple bind DN, and password callback.
We may change this in future.
Andrew Bartlett
Andrew Bartlett [Sun, 18 Dec 2005 05:01:15 +0000 (05:01 +0000)]
r12310: Link simple bind support in our internal LDAP libs to LDB and the
command line processing system.
This is a little ugly at the moment, but works. What I cannot manage
to get to work is the extraction and propogation of command line
credentials into the js interface to ldb.
Andrew Bartlett
Stefan Metzmacher [Sat, 17 Dec 2005 19:24:13 +0000 (19:24 +0000)]
r12309: fix a crash bug, which appens in an error case
metze
Stefan Metzmacher [Sat, 17 Dec 2005 15:45:38 +0000 (15:45 +0000)]
r12304: split out the wins partner configuration into a seperate ldb.
now $privatedir/wins_config.ldb contains the wins partners
and $lockdir/wins.ldb contains the name records
metze
Stefan Metzmacher [Sat, 17 Dec 2005 10:10:09 +0000 (10:10 +0000)]
r12302: - create the logfilebase directory with make install
- get rid of unreadable long lines
metze
Stefan Metzmacher [Sat, 17 Dec 2005 09:28:39 +0000 (09:28 +0000)]
r12301: FHS 2.2 says that /var/cache/* contains only cached data, which can we removed without
losing data, we should keep our databases under /var/lib/*
should I merge this to samba3 too?
metze
Rafal Szczesniak [Fri, 16 Dec 2005 20:02:41 +0000 (20:02 +0000)]
r12294: Move dcerpc_pipe_open_sock() to async implementation.
rafal
Stefan Metzmacher [Fri, 16 Dec 2005 14:48:14 +0000 (14:48 +0000)]
r12288: make sure we always include heimdal_build/config.h, before
heimdal/lib/roken/roken.h, this fixes the build on the 64bit machines
metze
Stefan Metzmacher [Fri, 16 Dec 2005 12:55:54 +0000 (12:55 +0000)]
r12287: move the wins.ldb into lockdir
metze
Stefan Metzmacher [Fri, 16 Dec 2005 12:49:51 +0000 (12:49 +0000)]
r12286: handle absolute path and url in lock_path() as in private_path()
metze
Stefan Metzmacher [Fri, 16 Dec 2005 11:54:05 +0000 (11:54 +0000)]
r12285: move the smbd.tmp into piddir, --with-fhs piddir is different
from lockdir and they are typically set to piddir=/var/run/samba
and lockdir=/var/lib/samba, and we should keep the temporary stuff
under /var/run/samba
metze
Stefan Metzmacher [Fri, 16 Dec 2005 10:21:05 +0000 (10:21 +0000)]
r12284: use the correct name for logging
metze
Andrew Bartlett [Thu, 15 Dec 2005 20:38:24 +0000 (20:38 +0000)]
r12269: Update to current lorikeet-heimdal. This changed the way the hdb
interface worked, so hdb-ldb.c and the glue have been updated.
Andrew Bartlett
Andrew Bartlett [Thu, 15 Dec 2005 20:29:02 +0000 (20:29 +0000)]
r12268: Use transactions to ensure that the schannel db is consistant.
Andrew Bartlett
Andrew Bartlett [Thu, 15 Dec 2005 20:25:37 +0000 (20:25 +0000)]
r12267: Try to avoid segfault in kerberos libs, because we talloc_free()'ed
the old event context in the standard process modal child.
Andrew Bartlett
Stefan Metzmacher [Thu, 15 Dec 2005 19:23:35 +0000 (19:23 +0000)]
r12266: add --with-libdir option to overwrite the result that is set by --with-fhs=yes/no
metze
Stefan Metzmacher [Thu, 15 Dec 2005 19:13:40 +0000 (19:13 +0000)]
r12265: as all server_service modules are specified in smbd/config.mk
follow this rule for the winbind one too
metze
Stefan Metzmacher [Thu, 15 Dec 2005 18:08:25 +0000 (18:08 +0000)]
r12260: move the string "smbd" to one place
metze
Jelmer Vernooij [Thu, 15 Dec 2005 17:19:27 +0000 (17:19 +0000)]
r12256: Add helper script for installing pkg-config files
Stefan Metzmacher [Thu, 15 Dec 2005 16:53:20 +0000 (16:53 +0000)]
r12255: - we don't use SIGUSR1 anymore, so ignore it
- we don't handle SIGHUP just, so ignore it
metze
Jelmer Vernooij [Thu, 15 Dec 2005 16:32:08 +0000 (16:32 +0000)]
r12254: Add some (hopefully correct) descriptions for libraries that are installed.
Install pkg-config files.
Jelmer Vernooij [Thu, 15 Dec 2005 15:59:10 +0000 (15:59 +0000)]
r12253: Automatically build seperate binaries without -rpath to install when
using shared libraries and developer mode is enabled.
Andrew Bartlett [Thu, 15 Dec 2005 02:39:29 +0000 (02:39 +0000)]
r12252: With this change (hack) we can now do an provision onto Samba4's LDAP
server. Now to try another one...
Andrew Bartlett
Stefan Metzmacher [Wed, 14 Dec 2005 21:27:29 +0000 (21:27 +0000)]
r12247: - reject freeing the wrepl_socket inside of wrepl_socket_dead()
- free it at the end of wrepl_socket_dead() if needed
metze
Stefan Metzmacher [Wed, 14 Dec 2005 19:19:43 +0000 (19:19 +0000)]
r12242: - make the push notifications triggered by the change count
- for now we fake the change count to '1', so we'll still have periodicly triggered push
notifies, the interval is the 'wreplsrv:periodic_interval=60'
- add the 'pushUseInform' attribute to the wreplPartner objectClass
to configure if we'll use WREPL_REPL_INFORM notifies
metze
Stefan Metzmacher [Wed, 14 Dec 2005 19:07:53 +0000 (19:07 +0000)]
r12241: fix the inform push notifies
metze
Stefan Metzmacher [Wed, 14 Dec 2005 19:04:45 +0000 (19:04 +0000)]
r12240: if the caller isn't interessted in the reply packet, just free it
(mostly use for send_only requests, where we don't have a reply at all)
metze
Stefan Metzmacher [Wed, 14 Dec 2005 18:24:59 +0000 (18:24 +0000)]
r12239: as we only get error from our events system when we wait for read events,
we need to initialy ask for read events too, otherwise we'll never get an
error back from socket_connect()
metze
Stefan Metzmacher [Wed, 14 Dec 2005 18:22:38 +0000 (18:22 +0000)]
r12238: don't crash when an error happens while connecting and the packet_context isn't inplace yet
metze
Andrew Bartlett [Wed, 14 Dec 2005 17:16:06 +0000 (17:16 +0000)]
r12232: I hate SWAT code being outside 'source'. Add in code to push the
user's session info into ldb structure for the ldb tests.
Andrew Bartlett
Stefan Metzmacher [Wed, 14 Dec 2005 10:56:43 +0000 (10:56 +0000)]
r12230: prepare for a generic periodic processing scheduling of
pull,push,scavenging and reread-config events
metze
Stefan Metzmacher [Wed, 14 Dec 2005 08:46:52 +0000 (08:46 +0000)]
r12229: fix the expire time for released records
metze
Stefan Metzmacher [Wed, 14 Dec 2005 08:38:25 +0000 (08:38 +0000)]
r12228: fix the expire time for RELEASED records
metze
Andrew Bartlett [Wed, 14 Dec 2005 07:22:25 +0000 (07:22 +0000)]
r12227: I realised that I wasn't yet seeing authenticated LDAP for the ldb
backend.
The idea is that every time we open an LDB, we can provide a
session_info and/or credentials. This would allow any ldb to be remote
to LDAP. We should also support provisioning to a authenticated ldap
server.
(They are separate so we can say authenticate as foo for remote, but
here we just want a token of SYSTEM).
Andrew Bartlett
Jelmer Vernooij [Tue, 13 Dec 2005 21:42:03 +0000 (21:42 +0000)]
r12219: Use some more common functions
Jelmer Vernooij [Tue, 13 Dec 2005 21:00:52 +0000 (21:00 +0000)]
r12218: Use common functions for generating lists
Stefan Metzmacher [Tue, 13 Dec 2005 19:45:24 +0000 (19:45 +0000)]
r12217: add my copyright
metze
Jelmer Vernooij [Tue, 13 Dec 2005 19:38:12 +0000 (19:38 +0000)]
r12216: Couple of small fixes: reduce include/includes.h a bit, simplify headers
in build/smb_build/, remove unused pstring macros
Stefan Metzmacher [Tue, 13 Dec 2005 17:39:24 +0000 (17:39 +0000)]
r12211: remove unused element
metze
Jelmer Vernooij [Tue, 13 Dec 2005 16:48:37 +0000 (16:48 +0000)]
r12209: Fix some issues with XML entities.
Jelmer Vernooij [Tue, 13 Dec 2005 16:25:07 +0000 (16:25 +0000)]
r12208: Remove obsolete scons directory
Jelmer Vernooij [Tue, 13 Dec 2005 16:11:45 +0000 (16:11 +0000)]
r12207: More improvements to the Debian package by Steinar Gunderson.
Jelmer Vernooij [Tue, 13 Dec 2005 13:14:23 +0000 (13:14 +0000)]
r12206: Fix some issues in NOEMIT
Jelmer Vernooij [Tue, 13 Dec 2005 01:56:04 +0000 (01:56 +0000)]
r12205: Support 'TFS' command in conformance files
Jelmer Vernooij [Mon, 12 Dec 2005 21:56:40 +0000 (21:56 +0000)]
r12201: Remove some lines that I accidently added more then once
Stefan Metzmacher [Mon, 12 Dec 2005 21:31:42 +0000 (21:31 +0000)]
r12200: - move the the winsreplication client and server code to the packet_context
system
- this needs to be in one big patch, because of the merging code,
that changes client in server connections and the other way around
- use socket_connect_send/_recv() in the client code
metze
Jelmer Vernooij [Mon, 12 Dec 2005 19:45:47 +0000 (19:45 +0000)]
r12198: Some more Debian updates. Thanks to Steinar H. Gunderson
Jelmer Vernooij [Mon, 12 Dec 2005 19:33:09 +0000 (19:33 +0000)]
r12197: Some improvements to the Debian package. Thanks to Steinar Gunderson
Jelmer Vernooij [Sun, 11 Dec 2005 14:44:38 +0000 (14:44 +0000)]
r12181: Use BASE_HEX rather then BASE_DEC by default for bitmaps. Patch by Guy
Harris. Fixes #3313
Andrew Bartlett [Sun, 11 Dec 2005 08:31:46 +0000 (08:31 +0000)]
r12179: Allow our KDC to use LDAP to get to the backend database.
To avoid a circular depenency, it is not allowed to use Krb5 as an
authentication mechanism, so this must be removed from the list. An
extension to the credentials system allows this function.
Also remove proto.h use for any of the KDC, and use NTSTATUS returns
in more places.
Andrew Bartlett
Andrew Bartlett [Sun, 11 Dec 2005 08:27:14 +0000 (08:27 +0000)]
r12178: Make ldb_ildap work against localhost again, by setting the event
context into the ldb opaque. I'm sure this was done before, and must
have been lost by some other change.
Andrew Bartlett
Rafal Szczesniak [Sat, 10 Dec 2005 10:10:44 +0000 (10:10 +0000)]
r12162: More comments.
rafal
Volker Lendecke [Sat, 10 Dec 2005 09:18:03 +0000 (09:18 +0000)]
r12161: Fix a memleak and do the -O1 janitor :-)
Andrew Tridgell [Fri, 9 Dec 2005 23:43:02 +0000 (23:43 +0000)]
r12158: added ldif handlers for the ntSecurityDescriptor attribute, so when
displaying security descriptors in ldbsearch or ldbedit you can see
the SDDL version.
This also allows us to specify security descriptors in our
setup/*.ldif files in SDDL format, which is much more convenient than
the NDR binary format!
Andrew Tridgell [Fri, 9 Dec 2005 23:40:14 +0000 (23:40 +0000)]
r12157: ldb_dump_results() is useful to call from within gdb, so you can see a
set of results
Andrew Tridgell [Fri, 9 Dec 2005 23:39:00 +0000 (23:39 +0000)]
r12156: added samdb_domain_sid(), a routine to get the domain sid by looking
up the rootDomainNamingContext in the rootdse, then getting the
objectsid from the root of the domain