Andrew Tridgell [Thu, 11 Feb 2010 13:33:13 +0000 (00:33 +1100)]
s4-provision: import the R2 functional level
this makes it easier to modify the script to set us at R2 level in
provision. We should make this a parameter.
Andrew Tridgell [Thu, 11 Feb 2010 13:11:11 +0000 (00:11 +1100)]
s4-build: avoid finding python symlinks
emacs creates symlinks to .py files while you are editing them. This
could cause build failures.
Andrew Tridgell [Thu, 11 Feb 2010 12:39:56 +0000 (23:39 +1100)]
s4-provision: fixed --function-level option to provision
we need the DS_DOMAIN_* levels imported
Andrew Tridgell [Thu, 11 Feb 2010 12:38:23 +0000 (23:38 +1100)]
s4-script: make enablerecyclebin use system_session
This allows it to work against our local ldb
Andrew Tridgell [Thu, 11 Feb 2010 12:37:44 +0000 (23:37 +1100)]
s4-pyldb: null terminate string ldb message elements from python
We need to eventually get rid of ldb_msg_find_attr_as_string() (or add
a mem_ctx to it), but meanwhile we have too many places that break if
we don't add a nul to the end of ldb msg strings from python.
Andrew Tridgell [Thu, 11 Feb 2010 12:35:31 +0000 (23:35 +1100)]
libds: added recyclebin feature GUID
Günther Deschner [Thu, 11 Feb 2010 12:32:44 +0000 (13:32 +0100)]
s3: re-run make samba3-idl.
Guenther
Günther Deschner [Thu, 11 Feb 2010 12:07:38 +0000 (13:07 +0100)]
spoolss: allow to set server architecture via parametric option.
This allows to set "spoolss:architecture = 'Windows x64'" for debugging purpose.
Guenther
Günther Deschner [Wed, 10 Feb 2010 23:44:06 +0000 (00:44 +0100)]
s3-spoolss: implement spoolss_EnumJobs level 3.
Level 3 has been added with NT 4.0 and Windows 7 (at least 64bit version) makes
use of it in order to display queued jobs. Windows 7 will *not* fall back to
level 2 if we just return WERR_UNKNOWN_LEVEL, instead there will be no printjobs
displayed at all.
Guenther
Günther Deschner [Thu, 11 Feb 2010 00:24:12 +0000 (01:24 +0100)]
testprogs: one more error code for spoolss test.
Guenther
Günther Deschner [Wed, 10 Feb 2010 23:06:20 +0000 (00:06 +0100)]
testprogs: print secdesc->Control in spoolss test.
Guenther
Günther Deschner [Wed, 10 Feb 2010 23:04:53 +0000 (00:04 +0100)]
testprogs: use ConvertSidToStringSid in order to print sids in spoolss test.
Guenther
Fernando J V da Silva [Fri, 5 Feb 2010 18:33:03 +0000 (16:33 -0200)]
s4-drs: Add DRSUAPI_DRS_NONGC_RO_REP bit to DRS_OPTIONS
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Andrew Tridgell [Thu, 11 Feb 2010 10:28:48 +0000 (21:28 +1100)]
s4-net-drs: fix some coding style issues
We should use the system/*.h headers for system includes. We also try
to avoid C++ comments.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Kamen Mazdrashki [Sat, 6 Feb 2010 01:13:33 +0000 (03:13 +0200)]
s4/net_drs: 'net drs kcc' command implementation
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Kamen Mazdrashki [Fri, 5 Feb 2010 20:36:36 +0000 (22:36 +0200)]
s4/net_drs: 'net drs bind' command implementation
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Kamen Mazdrashki [Fri, 5 Feb 2010 20:36:10 +0000 (22:36 +0200)]
s4/net_drs: 'net drs' utility initial creation
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Kamen Mazdrashki [Fri, 5 Feb 2010 20:37:54 +0000 (22:37 +0200)]
s4/idl: regenerating drsuapi.idl
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Kamen Mazdrashki [Fri, 5 Feb 2010 20:37:27 +0000 (22:37 +0200)]
s4/idl: Naming reserved flags for DRSUAPI_SUPPORTED_EXTENSION_ field
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Matthieu Patou [Tue, 26 Jan 2010 23:03:15 +0000 (02:03 +0300)]
provision: Use short name for assignee of ACE (BA, SA, CO, ...)
Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible)
of sysvol files (GPO objects and netlogon folders).
This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname
for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the
from_sddl function.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Matthieu Patou [Tue, 26 Jan 2010 22:32:29 +0000 (01:32 +0300)]
python-s4: use secrets.ldb instead of sam.ldb for reading domain SID
This allow to be able to run net acl set xxx yyy on DC, but also on domain
member.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Matthieu Patou [Mon, 8 Feb 2010 12:36:07 +0000 (15:36 +0300)]
provision: Fix an error with eadb when using not default install dir and running as a non root user
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Andrew Tridgell [Thu, 11 Feb 2010 09:49:29 +0000 (20:49 +1100)]
s4-dns: don't leave behind a tmp file
If the dns update file doesn't need updating we need to delete the tmp
file
Andrew Tridgell [Thu, 11 Feb 2010 09:48:47 +0000 (20:48 +1100)]
s4-selftest: don't run rndc reload in selftest
We don't want rndc calls on the build farm
Andrew Tridgell [Thu, 11 Feb 2010 09:21:15 +0000 (20:21 +1100)]
s4-dns: added a dns update task
This task watches for changes in the list of DCs, and creates a bind9
formatted file that grants update permission to all DCs, plus to the
administration, and machines update for their own names.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 11 Feb 2010 09:20:11 +0000 (20:20 +1100)]
s4-provision: cope with umask in creating private/dns
Andrew Tridgell [Thu, 11 Feb 2010 09:19:40 +0000 (20:19 +1100)]
util: added file_compare() utility function
file_compare() returns true if two files are the same. It is meant for
small files.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 11 Feb 2010 09:18:50 +0000 (20:18 +1100)]
libreplace: added replacements for dprintf() and vdprintf()
these are very useful for writing files with formatted writes
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell [Thu, 11 Feb 2010 04:25:13 +0000 (15:25 +1100)]
s4-provision: pre-create a named.conf.update file
The named.conf.update file will be filled in at runtime by Samba to
contain the list of bind9 grant rules for granting DNS dynamic update
permissions on the domain.
Andrew Tridgell [Thu, 11 Feb 2010 02:17:09 +0000 (13:17 +1100)]
s4-provision: move zone file to dns subdirectory
This allows the permissions to be correctly set for bind to write to
a journal file. It also sets the right group ownership and permissions
on the files that bind needs to access.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 11 Feb 2010 06:13:42 +0000 (17:13 +1100)]
s4:provision Be more polite to long-suffering Samba testers.
Our testers put up with a lot of odd things when testing out Samba4.
Andrew Bartlett
Jeremy Allison [Thu, 11 Feb 2010 01:20:21 +0000 (17:20 -0800)]
Fix unused variable warning after change to new DLINK macros.
Jeremy.
Jeremy Allison [Thu, 11 Feb 2010 00:23:33 +0000 (16:23 -0800)]
Fix bad use when freeing linked list. Todd Stecher (Original author) please check !
Jeremy.
Andrew Tridgell [Sun, 7 Feb 2010 05:06:31 +0000 (16:06 +1100)]
test:local added LOCAL-DLINKLIST testsuite
(cherry picked from commit
95a5bee2c30a67a35604b0456ab7836f6dc67702)
Andrew Tridgell [Wed, 10 Feb 2010 23:53:58 +0000 (15:53 -0800)]
util: rewrite dlinklist.h so that DLIST_ADD_END() is O(1)
This changes the meaning of the ->prev pointer in our doubly linked
lists to point at the end of the list from the front of the list. That
allows us to implement DLIST_ADD_END() and related functions in O(1)
time, which can be a huge saving in many places in Samba.
This also means that the 'type' argument to various DLIST_*() macros
is no longer needed, but I have left it in for now to keep the
patchset small, which will make it easier to revert if any problems
are found. In the future we should remove the 'type' arguments.
(jra. Move the one use of DLIST_TAIL over to the new macros).
Andrew Tridgell [Sat, 6 Feb 2010 01:42:29 +0000 (12:42 +1100)]
s3-smbd: update to use new DLIST macros
(cherry picked from commit
365b408c458c848a818637d9b36a0423aeb1ba54)
Andrew Tridgell [Sat, 6 Feb 2010 01:41:57 +0000 (12:41 +1100)]
s3-registry: update to use new DLIST macros
(cherry picked from commit
3437713ad7e5bccafde30553a8232119fd2a9eb9)
Andrew Tridgell [Sat, 6 Feb 2010 01:41:39 +0000 (12:41 +1100)]
s3-perfcount: update to use new DLIST macros
(cherry picked from commit
a13b507f2d8be7f90c8872094cd0732926a6fcbb)
Andrew Tridgell [Sat, 6 Feb 2010 01:41:07 +0000 (12:41 +1100)]
s3-locking: update to use DLIST_ADD_AFTER()
(cherry picked from commit
6c6df527e14514027cbcaa6deac25adf04363926)
Andrew Tridgell [Sat, 6 Feb 2010 01:40:38 +0000 (12:40 +1100)]
s3-libsmb: update libsmb to use new DLIST macros
manipulating p->prev directly is not safe any more
(cherry picked from commit
3c650ac1e3e1cdbbabecfddcd29325f20b5dcb48)
Andrew Tridgell [Sat, 6 Feb 2010 01:40:03 +0000 (12:40 +1100)]
s3-memcache: update memcache to use new DLIST macros
we don't need a separate lru pointer any more
(cherry picked from commit
4ffd7aca3e38728077bd80c2a65c4efbcfd216fc)
Andrew Tridgell [Sat, 6 Feb 2010 01:38:47 +0000 (12:38 +1100)]
s3-ldb: update the old ldb in s3 to use new DLIST macros
(cherry picked from commit
a7d8bfd373392eecf4fff33d39b85e1b55ad901d)
Andrew Tridgell [Sat, 6 Feb 2010 01:38:24 +0000 (12:38 +1100)]
s3-nmbd: update nmbd to use new DLIST_ macros
(cherry picked from commit
4d23d777bc6d4fad20d0f3084fe658635812bee9)
Andrew Tridgell [Sat, 6 Feb 2010 01:37:48 +0000 (12:37 +1100)]
s4-ldb: update ldb_tdb to use new DLIST_ macros
(cherry picked from commit
6ede911654566a7e21ded70dacac68df3b6a1bca)
Jeremy Allison [Wed, 10 Feb 2010 23:35:38 +0000 (15:35 -0800)]
s4-dsdb: update repl_meta_data.c to use new DLIST_ macros
Jeremy Allison [Wed, 10 Feb 2010 23:30:59 +0000 (15:30 -0800)]
Temporary changes to dlinklist to keep the implementation static whilst
uses of (list)->prev are moved over to DLIST_PREV. This will be replaced
when the final (new) version of the dlinklist.h header is added.
Jeremy.
Jeremy Allison [Wed, 10 Feb 2010 20:42:27 +0000 (12:42 -0800)]
Revert "Change the default of "nmbd bind explicit broadcast" to "no""
This reverts commit
84fba3c1bc962804259f201d465acfdf0cd3c6a8.
Now we have a "processed packet queue" in nmbd we can go back
to doing this by default.
Jeremy.
Jeremy Allison [Wed, 10 Feb 2010 20:32:05 +0000 (12:32 -0800)]
More of the fix for bug #7118 - nmbd problems with socket address.
Add a simple "processed packet queue" cache to stop nmbd responding to
packets received on the broadcast and non-broadcast socket (which
it has opened when "nmbd bind explicit broadcast = yes").
This is a very simple packet queue - it only keeps the packets
processed during a single call to listen_for_packets() (i.e. one
select call). This means that if the delivery notification for a
packet received on both broadcast and non-broadcast addresses
is done in two different select calls, the packet will still be
processed twice. This is a very rare occurrance and we can just
live with it when it does as the protocol is stateless. If this
is ever flagged as a repeatable problem then we can add a longer
lived cache, using timeout processing to clear etc. etc. But without
storing all packets processed we can never be *sure* we've eliminated
the race condition so I'm going to go with this simple solution until
someone proves a more complex one is needed :-).
Jeremy.
Jeremy Allison [Wed, 10 Feb 2010 16:39:37 +0000 (08:39 -0800)]
Change the default of "nmbd bind explicit broadcast" to "no"
until the double processing problem in bug #7118 is fixed.
Jeremy.
Günther Deschner [Wed, 10 Feb 2010 12:17:36 +0000 (13:17 +0100)]
testprogs: add more error codes for spoolss test.
Guenther
Björn Jacke [Wed, 10 Feb 2010 12:48:11 +0000 (13:48 +0100)]
s3: change ldap filter to what really was intended
Rusty Russell [Thu, 4 Feb 2010 13:29:54 +0000 (23:59 +1030)]
tdb: fix recovery reuse after crash
If a process (or the machine) dies after just after writing the
recovery head (pointing at the end of file), the recovery record will filled
with 0x42. This will not invoke a recovery on open, since rec.magic
!= TDB_RECOVERY_MAGIC.
Unfortunately, the first transaction commit will happily reuse that
area: tdb_recovery_allocate() doesn't check the magic. The recovery
record has length 0x42424242, and it writes that back into the
now-valid-looking transaction header) for the next comer (which
happens to be tdb_wipe_all in my tests).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell [Thu, 4 Feb 2010 13:30:24 +0000 (00:00 +1030)]
tdb: give a name to the invalid recovery area constant (0)
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Andrew Bartlett [Wed, 10 Feb 2010 02:56:24 +0000 (13:56 +1100)]
s4:provision Just 'do the right thing' with empty smb.conf files
For some reason, JHT keeps on creating an empty smb.conf file,
expecting it to be the same as a non-existant one. It is easier to
just realise what he meant.
Andrew Bartlett
Günther Deschner [Tue, 9 Feb 2010 23:43:51 +0000 (00:43 +0100)]
s4-smbtorture: use test_GetPrinter_level in RPC-SPOOLSS-NOTIFY.
Guenther
Jeremy Allison [Tue, 9 Feb 2010 23:14:38 +0000 (15:14 -0800)]
Fix bug #7122 - Reading a large browselist fails (server returns invalid values in subsequent SMBtrans replies)
There are two problems:
1). The server is off-by-one in the end of buffer space test.
2). The server returns 0 in the totaldata (smb_vwv1) and totalparams (smb_vwv0)
fields in the second and subsequent SMBtrans replies.
This patch fixes both.
Jeremy.
Jeremy Allison [Tue, 9 Feb 2010 22:56:12 +0000 (14:56 -0800)]
Missed one check on the memcpy for bug #7063.
Jeremy.
Jeremy Allison [Tue, 9 Feb 2010 22:48:15 +0000 (14:48 -0800)]
Second part of fix for bug 7063 - Samba 3.4.5 on ubuntu 8.04 64 bit - Core dumps.
Ensure we have no naked memcpy calls. This isn't a crash bug (it's
already checked in the data_blob_talloc_zero() above, but I want to
get into the pattern of having all memcpy's covered by safety checks.
Jeremy.
Jeremy Allison [Tue, 9 Feb 2010 20:17:08 +0000 (12:17 -0800)]
Fix off-by-one error in working out the limit of the NetServerEnum comment.
Jeremy.
Stefan Metzmacher [Tue, 9 Feb 2010 17:58:36 +0000 (18:58 +0100)]
s3:smbd: use StrCaseCmp() instead of strcasecmp
metze
Stefan Metzmacher [Tue, 9 Feb 2010 17:54:41 +0000 (18:54 +0100)]
s3:smbd: Fix really ugly bool vs. int bug!!!
A comparison function for qsort needs to return an 'int'!
Otherwise you'll get random results depending on the compiler
and the architecture...
metze
Matthias Dieter Wallnöfer [Tue, 9 Feb 2010 16:48:44 +0000 (17:48 +0100)]
check_python.m4 - Raise the minimum python version up to 2.4
This is needed since we at the s4 side have some code which requires this. I
think everybody should be fine since we got no complaints on the mailing list
about this change.
Patch template: Jelmer Vernooij <jelmer@samba.org>
Matthias Dieter Wallnöfer [Thu, 4 Feb 2010 10:25:06 +0000 (11:25 +0100)]
pidl - Remove "Py_RETURN_NONE" compatibility code
This was needed only by Python 2.3 which we no longer support.
Matthias Dieter Wallnöfer [Thu, 4 Feb 2010 10:17:40 +0000 (11:17 +0100)]
s4:Remove "Py_RETURN_NONE" compatibility code
This was needed only by Python 2.3 which we no longer support.
Karolin Seeger [Tue, 9 Feb 2010 16:21:01 +0000 (17:21 +0100)]
s3-docs: Fix make manpages3.
Karolin
Karolin Seeger [Tue, 9 Feb 2010 15:36:39 +0000 (16:36 +0100)]
s3-docs: Add missing para end tag.
Karolin
(cherry picked from commit
b78de63ef3cde53e3aabbe46654aac5a335f16a8)
Günther Deschner [Tue, 9 Feb 2010 15:16:54 +0000 (16:16 +0100)]
testprogs: regenerate printlib prototypes for spoolss test.
Guenther
Günther Deschner [Tue, 9 Feb 2010 15:14:45 +0000 (16:14 +0100)]
testprogs: print job info levels in EnumJobs() spoolss tests.
Guenther
Günther Deschner [Tue, 9 Feb 2010 14:59:29 +0000 (15:59 +0100)]
testprogs: print datatypes info levels in EnumPrintProcessorDatatypes() spoolss tests.
Guenther
Günther Deschner [Tue, 9 Feb 2010 14:54:25 +0000 (15:54 +0100)]
testprogs: print printprocessor info levels in EnumPrintProcessors() spoolss tests.
Guenther
Günther Deschner [Tue, 9 Feb 2010 14:24:34 +0000 (15:24 +0100)]
testprogs: print monitor info levels in EnumMonitors() spoolss tests.
Guenther
Günther Deschner [Tue, 9 Feb 2010 14:00:54 +0000 (15:00 +0100)]
testprogs: print port info levels in EnumPorts() spoolss tests.
Guenther
Günther Deschner [Tue, 9 Feb 2010 13:49:04 +0000 (14:49 +0100)]
testprogs: print form info levels in EnumForms(),GetForm() spoolss tests.
Guenther
Stefan Metzmacher [Tue, 9 Feb 2010 11:58:29 +0000 (12:58 +0100)]
s3:selftest: make selftest requires bash for now
So force bash until we removed the dependency to bash.
metze
Stefan Metzmacher [Tue, 9 Feb 2010 11:57:01 +0000 (12:57 +0100)]
s3:passdb: only use gid_to_sid() result if the result is a group of our local sam
Otherwise retry with pdb_gid_to_sid().
metze
Björn Jacke [Tue, 9 Feb 2010 08:07:54 +0000 (09:07 +0100)]
s3: fix some wrong newlines in de translation strings
Björn Jacke [Tue, 9 Feb 2010 08:09:57 +0000 (09:09 +0100)]
vfs_catia: fix return type warnings
Andrew Tridgell [Tue, 9 Feb 2010 02:18:31 +0000 (13:18 +1100)]
s4-torture: allow host-only in unc lists in smbtorture
Allow UNC lists like this:
192.168.2.1
192.168.2.2
192.168.2.3
the share name will be taken from the command line
Jeremy Allison [Mon, 8 Feb 2010 22:35:02 +0000 (14:35 -0800)]
Make "nmbd bind explicit broadcast" on by default.
Fix a comment typo.
Jeremy.
Jeremy Allison [Mon, 8 Feb 2010 19:04:38 +0000 (11:04 -0800)]
Fix bug #6876 for acl_tdb module.
As pointed out by bj@sernet.de, the rmdir module initializer was
duplicated. Fix this properly.
Jeremy.
Stefan Metzmacher [Mon, 8 Feb 2010 17:38:03 +0000 (18:38 +0100)]
s3:libsmb: fix NetServerEnum3 rap calls.
metze
Stefan Metzmacher [Fri, 5 Feb 2010 17:08:46 +0000 (18:08 +0100)]
s3:smbd: implement api_RNetServerEnum3
This is needed to support large browse lists.
metze
Stefan Metzmacher [Mon, 8 Feb 2010 17:45:18 +0000 (18:45 +0100)]
s3:smbd: add/improve some DEBUG messages in api_RNetServerEnum2()
metze
Stefan Metzmacher [Fri, 5 Feb 2010 15:55:15 +0000 (16:55 +0100)]
s3:smbd: rename api_RNetServerEnum => api_RNetServerEnum2
metze
Stefan Metzmacher [Mon, 8 Feb 2010 11:59:13 +0000 (12:59 +0100)]
s3:docs-xml: document "nmbd bind explicit broadcast"
metze
Stefan Metzmacher [Mon, 8 Feb 2010 11:51:29 +0000 (12:51 +0100)]
s3:nmbd: change "nmbd:bind explicit broadcast" into "nmbd bind explicit broadcast"
metze
Stefan Metzmacher [Thu, 28 Jan 2010 10:04:05 +0000 (11:04 +0100)]
s3:nmbd: also listen explicit on the subnet broadcast addresses
And send replies always via the unicast address of the subnet.
This behavior is off by default (as before)
and can be enabled with "nmbd:bind explicit broadcast = yes".
metze
Simo Sorce [Mon, 8 Feb 2010 15:25:13 +0000 (10:25 -0500)]
release-scripts: parametrize scripts
This should make it easier to keep all release scripts alined as it will reduce
the difference between them to ideally a few variables
Also moves the tdb script in the scripts directory.
Simo Sorce [Mon, 8 Feb 2010 15:05:24 +0000 (10:05 -0500)]
talloc: Fix abi checks in release script
We must perform abi checks against the version we are going to release.
Not against the current tree we are in.
Simo Sorce [Mon, 8 Feb 2010 15:02:49 +0000 (10:02 -0500)]
talloc: Fix abi checks and ifdefs
teach the abi check scripts to skip the DOXYGEN sections
fix the header to use #ifdef DOXYGEN and not #if DOXYGEN
Günther Deschner [Wed, 9 Dec 2009 10:21:08 +0000 (11:21 +0100)]
s4-smbtorture: skip over ValidatePassword if DCERPC error is returned.
Guenther
Matthias Dieter Wallnöfer [Mon, 8 Feb 2010 11:08:36 +0000 (12:08 +0100)]
s4:subtree_delete - "NULL" as format string isn't allowed on FreeBSD
I changed the format string into "(objectClass=*)" which should be an
equivalent expression for choosing all available objects.
Consider bug 7115 for the issue.
Günther Deschner [Mon, 8 Feb 2010 10:53:59 +0000 (11:53 +0100)]
s3-net: fix net ads dns usage calls.
Bjoern, please check.
Guenther
Stefan Metzmacher [Fri, 5 Feb 2010 15:20:21 +0000 (16:20 +0100)]
s3:pdb_ldap: don't search for the users primary group, if we already know it
metze
Stefan Metzmacher [Wed, 3 Feb 2010 10:32:41 +0000 (11:32 +0100)]
s3:pdb_ldap: optimize ldapsam_alias_memberships() and cache ldap searches.
ldapsam_alias_memberships() does the same LDAP search twice, triggered
via add_aliases() from create_local_nt_token().
This happens when no domain aliases are used.
metze
Stefan Metzmacher [Thu, 4 Feb 2010 16:19:57 +0000 (17:19 +0100)]
s3:pdb_ldap: try to build the full unix_pw structure with ldapsam:trusted support
And also store the gid_to_sid mappings in the idmap_cache.
metze
Stefan Metzmacher [Thu, 4 Feb 2010 16:16:59 +0000 (17:16 +0100)]
s3:passdb: speed up pdb_get_group_sid()
Use the cached version gid_to_sid() instead
of pdb_gid_to_sid().
And also avoid the expensive lookup_sid() call
for wellkown domain groups.
metze
Volker Lendecke [Sun, 31 Jan 2010 14:18:51 +0000 (15:18 +0100)]
s3: Make pdb_copy_sam_account also copy the group sid
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Sat, 30 Jan 2010 21:28:19 +0000 (22:28 +0100)]
s3: shortcut gid_to_sid when "ldapsam:trusted = yes"
The normal gid_to_sid behaviour is to call sys_getgrgid()
to get the name for the given gid and then call the
getsamgrnam passdb method for the resulting name.
In the ldapsam:trusted case we can reduce the gid_to_sid
operation to one simple search for the gidNumber attribute
and only get the sambaSID attribute from the correspoinding
LDAP object. This reduces the number of ldap roundtrips
for this operation.
metze
Stefan Metzmacher [Mon, 8 Feb 2010 08:57:31 +0000 (09:57 +0100)]
s4:heimdal: regerenate files
Andrew using cp like in commit
ca12e7bc8ff4a91f2044c0a60550fec902e97a78
is wrong as that removes #include "config.h" and breaks the build on AIX.
metze