ira/wip.git
10 years agos4-test: fixed make test without having done make install
Andrew Tridgell [Sun, 10 Jan 2010 22:29:29 +0000 (09:29 +1100)]
s4-test: fixed make test without having done make install

client.conf didn't specify "setup directory"

10 years agos4:upgradeprovision - fix up the script regarding linked attributes
Matthias Dieter Wallnöfer [Sun, 10 Jan 2010 20:34:05 +0000 (21:34 +0100)]
s4:upgradeprovision - fix up the script regarding linked attributes

We have to try to add new objects until between two iterations we didn't make
any progress. Either we are then done (no objects remaining) or we are
incapable to do this fully automatically.

The latter can happen if important system objects (builtin groups, users...)
moved (e.g. consider one of my recent comments). Then the new object can't be
added if it contains the same "sAMAccountName" attribute as the old one. We
have to let the user delete the old one (also to give him a chance to backup
personal changes - if needed) and only then the script is capable to add the
new one onto the right place. Make this clear with an exhaustive error output.

I personally don't see a good way how to do this better for now so I would leave
this as a manual step.

10 years agos4:upgradeprovision - Reformat comments
Matthias Dieter Wallnöfer [Sun, 10 Jan 2010 19:08:50 +0000 (20:08 +0100)]
s4:upgradeprovision - Reformat comments

Make them break at line 80 (better readability).

10 years agos4:repl_meta_data - Transform a "1" into a "true" on a boolean variable
Matthias Dieter Wallnöfer [Sun, 10 Jan 2010 18:49:40 +0000 (19:49 +0100)]
s4:repl_meta_data - Transform a "1" into a "true" on a boolean variable

10 years agos4:provision_users.ldif - Add objects for IIS
Matthias Dieter Wallnöfer [Sun, 10 Jan 2010 13:20:09 +0000 (14:20 +0100)]
s4:provision_users.ldif - Add objects for IIS

Some WSPP locations point out that they're defacto-standards for Windows Server deployments starting with 2008. So we should add them to s4 too.

10 years agos4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific
Matthias Dieter Wallnöfer [Sun, 10 Jan 2010 14:43:07 +0000 (15:43 +0100)]
s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific

10 years agos4:provision_users.ldif - Fix memberships regarding the denied password RODC replicat...
Matthias Dieter Wallnöfer [Sun, 10 Jan 2010 14:38:55 +0000 (15:38 +0100)]
s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group

10 years agos3: Remove some unused variables
Volker Lendecke [Sun, 10 Jan 2010 21:42:02 +0000 (22:42 +0100)]
s3: Remove some unused variables

10 years agos3: Fix some nonempty blank lines
Volker Lendecke [Sat, 9 Jan 2010 19:26:46 +0000 (20:26 +0100)]
s3: Fix some nonempty blank lines

10 years agos3: Use sid_check_is_domain instead of a direct sid_equal
Volker Lendecke [Sun, 10 Jan 2010 16:58:12 +0000 (17:58 +0100)]
s3: Use sid_check_is_domain instead of a direct sid_equal

10 years agos3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_rid
Volker Lendecke [Sun, 10 Jan 2010 16:57:00 +0000 (17:57 +0100)]
s3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_rid

10 years agos3: Replace most calls to sid_append_rid() by sid_compose()
Volker Lendecke [Sun, 10 Jan 2010 16:39:27 +0000 (17:39 +0100)]
s3: Replace most calls to sid_append_rid() by sid_compose()

10 years agos3: Remove unused samr_make_sam_obj_sd
Volker Lendecke [Sun, 10 Jan 2010 16:30:54 +0000 (17:30 +0100)]
s3: Remove unused samr_make_sam_obj_sd

10 years agos3: Remove the typedef for "auth_serversupplied_info"
Volker Lendecke [Sun, 10 Jan 2010 13:24:22 +0000 (14:24 +0100)]
s3: Remove the typedef for "auth_serversupplied_info"

10 years agos3: Remove the typedef for "auth_usersupplied_info"
Volker Lendecke [Sun, 10 Jan 2010 13:16:04 +0000 (14:16 +0100)]
s3: Remove the typedef for "auth_usersupplied_info"

10 years agos3: Trim libnss_wins.so
Volker Lendecke [Sun, 10 Jan 2010 12:35:37 +0000 (13:35 +0100)]
s3: Trim libnss_wins.so

10 years agos3: Trim down some utilities a bit
Volker Lendecke [Sun, 3 Jan 2010 21:28:33 +0000 (22:28 +0100)]
s3: Trim down some utilities a bit

10 years agos4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now
Matthias Dieter Wallnöfer [Sun, 10 Jan 2010 10:07:16 +0000 (11:07 +0100)]
s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now

This belongs to the AD IIS stuff where I don't know yet if we should import it.

10 years agos4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode
Matthias Dieter Wallnöfer [Sun, 10 Jan 2010 09:47:30 +0000 (10:47 +0100)]
s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode

Additionally I had to fix some bugs (especially wrong "groupTypes") and
reordered the objects using the SID (this is easier when enhancing the file).

10 years agos4-ldb: display security descriptors with correct SDL for known SIDs
Andrew Tridgell [Sun, 10 Jan 2010 01:53:07 +0000 (12:53 +1100)]
s4-ldb: display security descriptors with correct SDL for known SIDs

This makes it much easier to compare SDs

10 years agos4-dsdb: added samdb_domain_sid_cache_only()
Andrew Tridgell [Sun, 10 Jan 2010 01:52:22 +0000 (12:52 +1100)]
s4-dsdb: added samdb_domain_sid_cache_only()

10 years agos3: Remove a pointless "else" branch from add_ccache_to_list()
Volker Lendecke [Sat, 9 Jan 2010 17:43:38 +0000 (18:43 +0100)]
s3: Remove a pointless "else" branch from add_ccache_to_list()

10 years agos3: Slightly simplify winbindd_store_creds
Volker Lendecke [Sat, 9 Jan 2010 18:01:35 +0000 (19:01 +0100)]
s3: Slightly simplify winbindd_store_creds

10 years agos3: Fix a segfault in winbindd_dual_ccache_ntlm_auth()
Volker Lendecke [Sat, 9 Jan 2010 19:22:00 +0000 (20:22 +0100)]
s3: Fix a segfault in winbindd_dual_ccache_ntlm_auth()

ntlmssp_update allocates the reply_blob as a child of ntlmssp_state. This means
with ntlmss_end() it will be gone. winbindd_dual_ccache_ntlm_auth used the blob
after the ntlmssp_end().

10 years agos4-drs: instanceType is always sent, regardless of UDV values
Andrew Tridgell [Sat, 9 Jan 2010 11:08:25 +0000 (22:08 +1100)]
s4-drs: instanceType is always sent, regardless of UDV values

10 years agos4-debug: lower the verbosity of a couple of common log messages
Andrew Tridgell [Sat, 9 Jan 2010 10:43:16 +0000 (21:43 +1100)]
s4-debug: lower the verbosity of a couple of common log messages

10 years agos4-samldb: fixed primaryGroupID when promoting a machine to a DC
Andrew Tridgell [Sat, 9 Jan 2010 09:58:07 +0000 (20:58 +1100)]
s4-samldb: fixed primaryGroupID when promoting a machine to a DC

The machine gets a primaryGroupID of DOMAIN_RID_DCS. This is done
without changing the member attributes of its groups.

10 years agos4-schema: fixed the SDDL for the schema root security descriptor
Andrew Tridgell [Sat, 9 Jan 2010 09:54:16 +0000 (20:54 +1100)]
s4-schema: fixed the SDDL for the schema root security descriptor

This was preventing a DCPROMO client from allowing outgoing
replication

10 years agos4-drs: add a local UDV entry even when no replUpToDateVector present on NC
Andrew Tridgell [Sat, 9 Jan 2010 09:53:27 +0000 (20:53 +1100)]
s4-drs: add a local UDV entry even when no replUpToDateVector present on NC

This allows us to filter correctly for a NC that we have created but
not pulled from anyone.

10 years agos4-drs: give DN of failed replication partition
Andrew Tridgell [Sat, 9 Jan 2010 09:42:23 +0000 (20:42 +1100)]
s4-drs: give DN of failed replication partition

10 years agos4-drs: base is_nc_prefix on instanceType
Andrew Tridgell [Sat, 9 Jan 2010 07:50:30 +0000 (18:50 +1100)]
s4-drs: base is_nc_prefix on instanceType

for extended operations comparing to the ncRoot_dn is not correct

10 years agos4-drs: having no SPNs to change is not an error
Andrew Tridgell [Sat, 9 Jan 2010 07:10:38 +0000 (18:10 +1100)]
s4-drs: having no SPNs to change is not an error

10 years agos4-drs: fixed writespn to ignore add/delete errors
Andrew Tridgell [Sat, 9 Jan 2010 06:42:59 +0000 (17:42 +1100)]
s4-drs: fixed writespn to ignore add/delete errors

When a SPN is added and already exists, it is ignored. Similarly, when
a SPN is deleted and doesn't exist, it is ignored.

10 years agos4-dsdb: added samdb_ldb_val_case_cmp()
Andrew Tridgell [Sat, 9 Jan 2010 06:42:05 +0000 (17:42 +1100)]
s4-dsdb: added samdb_ldb_val_case_cmp()

10 years agos4-drs: moved the DsWriteAccountSpn call to its own file
Andrew Tridgell [Sat, 9 Jan 2010 06:11:01 +0000 (17:11 +1100)]
s4-drs: moved the DsWriteAccountSpn call to its own file

10 years agos4-libnet: dsdb_wellknown_dn() in vampire code
Andrew Tridgell [Sat, 9 Jan 2010 04:57:52 +0000 (15:57 +1100)]
s4-libnet: dsdb_wellknown_dn() in vampire code

10 years agos4-drs: need to set the getncchanges extended_ret on success too
Andrew Tridgell [Sat, 9 Jan 2010 04:12:18 +0000 (15:12 +1100)]
s4-drs: need to set the getncchanges extended_ret on success too

10 years agos4-drs: calculate and send a uptodateness_vector with replication requests
Andrew Tridgell [Sat, 9 Jan 2010 03:29:39 +0000 (14:29 +1100)]
s4-drs: calculate and send a uptodateness_vector with replication requests

This stops us getting objects changes twice if they came via an
indirect path.

10 years agos4-drs: be less verbose when we filter objects by UDV
Andrew Tridgell [Sat, 9 Jan 2010 03:28:00 +0000 (14:28 +1100)]
s4-drs: be less verbose when we filter objects by UDV

10 years agos4-drs: added filtering by udv in getncchanges
Andrew Tridgell [Sat, 9 Jan 2010 02:11:27 +0000 (13:11 +1100)]
s4-drs: added filtering by udv in getncchanges

When a client supplied an uptodateness_vector, we can use it to filter
what objects we return. This greatly reduces the amount of replication
traffic between DCs.

10 years agos4-idl: give a enum for attribute cn and a 'NONE' attribute
Andrew Tridgell [Sat, 9 Jan 2010 02:10:28 +0000 (13:10 +1100)]
s4-idl: give a enum for attribute cn and a 'NONE' attribute

The 'NONE' attribute has value 0xFFFFFFFF. Adding this ensures the
compiler will complain if it is set to use 16 bit enums. We rely on
being able to store 32 bits in an attid enum.

10 years agos4-drs: fixed the NC in the getncchanges RID alloc reply
Andrew Tridgell [Fri, 8 Jan 2010 23:12:54 +0000 (10:12 +1100)]
s4-drs: fixed the NC in the getncchanges RID alloc reply

the search happens on a different DN to the NC of the request, but the
reply is with the original NC

10 years agos4-debug: removed debug_ctx(). It didn't catch on :-)
Andrew Tridgell [Fri, 8 Jan 2010 22:05:56 +0000 (09:05 +1100)]
s4-debug: removed debug_ctx(). It didn't catch on :-)

There was only one user, which isn't worth it for the overhead.

10 years agos4-messaging: remove only usage of debug_ctx()
Andrew Tridgell [Fri, 8 Jan 2010 22:05:29 +0000 (09:05 +1100)]
s4-messaging: remove only usage of debug_ctx()

10 years agos4-messaging: fixed a memory leak in messaging_path()
Andrew Tridgell [Fri, 8 Jan 2010 22:04:18 +0000 (09:04 +1100)]
s4-messaging: fixed a memory leak in messaging_path()

It is a bit convoluted to fix, as cluster_id_string() may return a
const string.

10 years agos4-drs: fixed usage of ldb_dn_new()
Andrew Tridgell [Fri, 8 Jan 2010 22:03:45 +0000 (09:03 +1100)]
s4-drs: fixed usage of ldb_dn_new()

10 years agos4-ldb: validate the type of the ldb argument to ldb_dn_new()
Andrew Tridgell [Fri, 8 Jan 2010 22:03:08 +0000 (09:03 +1100)]
s4-ldb: validate the type of the ldb argument to ldb_dn_new()

It has been a common bug to get the first two arguments the wrong way
around

10 years agoFix comment
Simo Sorce [Fri, 8 Jan 2010 21:53:30 +0000 (16:53 -0500)]
Fix comment

10 years agoRe-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"
Jeremy Allison [Fri, 8 Jan 2010 18:17:46 +0000 (10:17 -0800)]
Re-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"

This bug re-occurred for 3.3.x and above.

The reason is that to change a NT ACL we now have to open the file requesting
WRITE_DAC and WRITE_OWNER access. The mapping from POSIX "w" to NT permissions
in posix_acls doesn't add these bits when "dos filemode = yes", so even though
the permission or owner change would be allowed by the POSIX ACL code, the
NTCreateX call fails with ACCESS_DENIED now we always check NT permissions
first.

Added in the mapping from "w" to WRITE_DAC and WRITE_OWNER access.

Jeremy.

10 years agos4:provision_self_join.ldif - Adapt comment after implementation of distributed RIDs
Matthias Dieter Wallnöfer [Fri, 8 Jan 2010 17:18:21 +0000 (18:18 +0100)]
s4:provision_self_join.ldif - Adapt comment after implementation of distributed RIDs

10 years agos4-kdc: Migrate tcp connections to tsocket.
Andreas Schneider [Thu, 7 Jan 2010 11:23:33 +0000 (12:23 +0100)]
s4-kdc: Migrate tcp connections to tsocket.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
10 years agos4:kdc: use LIBSAMBA_TSOCKET
Stefan Metzmacher [Wed, 4 Nov 2009 18:27:20 +0000 (19:27 +0100)]
s4:kdc: use LIBSAMBA_TSOCKET

metze

10 years agos4:kdc: the ->process function returns "bool"
Stefan Metzmacher [Fri, 8 Jan 2010 10:45:59 +0000 (11:45 +0100)]
s4:kdc: the ->process function returns "bool"

metze

10 years agolibcli/util: add tstream_read_pdu_blob_send/recv
Stefan Metzmacher [Thu, 5 Nov 2009 08:55:12 +0000 (09:55 +0100)]
libcli/util: add tstream_read_pdu_blob_send/recv

This will take the some full_request callback function
as the Samba4 packet code.

metze

10 years agos3-time: fix build warnings after we moved to shared time functions.
Günther Deschner [Fri, 8 Jan 2010 10:03:31 +0000 (11:03 +0100)]
s3-time: fix build warnings after we moved to shared time functions.

Bjoern, please check.

Guenther

10 years agos3-docs: mention -K option in pdbedit manpage.
Günther Deschner [Fri, 8 Jan 2010 09:38:46 +0000 (10:38 +0100)]
s3-docs: mention -K option in pdbedit manpage.

Guenther

10 years agos4-drs: added two more SPNs in addentry
Andrew Tridgell [Fri, 8 Jan 2010 07:03:09 +0000 (18:03 +1100)]
s4-drs: added two more SPNs in addentry

w2k8r2 wants these after a DCPROMO

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-schema: fixes for W2K8-R2 schema
Andrew Tridgell [Fri, 8 Jan 2010 06:58:26 +0000 (17:58 +1100)]
s4-schema: fixes for W2K8-R2 schema

The schema from WSPP had a number of typos that prevented it from
working. These changes allow it to work with Samba, and allow w2k8r2
to run DCPROMO against Samba successfully

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-schema: added msDS-NcType to schema container
Andrew Tridgell [Fri, 8 Jan 2010 06:01:32 +0000 (17:01 +1100)]
s4-schema: added msDS-NcType to schema container

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-schema: fixed attributes of aggregate schema
Andrew Tridgell [Fri, 8 Jan 2010 06:00:54 +0000 (17:00 +1100)]
s4-schema: fixed attributes of aggregate schema

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-schema: switch to W2K8-R2 schema
Andrew Tridgell [Fri, 8 Jan 2010 06:00:28 +0000 (17:00 +1100)]
s4-schema: switch to W2K8-R2 schema

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-schema: added adminDisplayName and adminDescription
Andrew Tridgell [Fri, 8 Jan 2010 05:59:27 +0000 (16:59 +1100)]
s4-schema: added adminDisplayName and adminDescription

These are missing from the WSPP schemas

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-schema: added some debug for bad attributes
Andrew Tridgell [Fri, 8 Jan 2010 05:57:56 +0000 (16:57 +1100)]
s4-schema: added some debug for bad attributes

10 years agos4-provision: added W2K8-R2 schema as provided by WSPP
Andrew Tridgell [Fri, 8 Jan 2010 05:56:01 +0000 (16:56 +1100)]
s4-provision: added W2K8-R2 schema as provided by WSPP

10 years agos4-samba3samtest: we need to force netbios name as well
Andrew Tridgell [Fri, 8 Jan 2010 01:55:21 +0000 (12:55 +1100)]
s4-samba3samtest: we need to force netbios name as well

needed for when run in CLIENT context

10 years agos4-samba3sid: fixed error returns when res->count != 1 and oom
Andrew Tridgell [Fri, 8 Jan 2010 01:54:42 +0000 (12:54 +1100)]
s4-samba3sid: fixed error returns when res->count != 1 and oom

10 years agos4-samba3samtest: force workgroup so the domain is right
Andrew Tridgell [Fri, 8 Jan 2010 01:45:49 +0000 (12:45 +1100)]
s4-samba3samtest: force workgroup so the domain is right

the samba3sid backend looks at lp_sam_name() which is based on the
workgroup

10 years agos4-samba3sid: the sambaNextRid attribute is actually the previous RID
Andrew Tridgell [Fri, 8 Jan 2010 01:45:29 +0000 (12:45 +1100)]
s4-samba3sid: the sambaNextRid attribute is actually the previous RID

Not well named .... though same mistake that MS made with rIDNextRid

10 years agos4-samba3sam: use samba3sid module
Andrew Tridgell [Fri, 8 Jan 2010 01:15:01 +0000 (12:15 +1100)]
s4-samba3sam: use samba3sid module

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: added a samba3sid module
Andrew Tridgell [Fri, 8 Jan 2010 01:14:39 +0000 (12:14 +1100)]
s4-dsdb: added a samba3sid module

This module allocates SIDs using the Samba3 algorithm, for use with
the samba3sam module.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-acl: fixed acl.py test to use correct ldif
Andrew Tridgell [Thu, 7 Jan 2010 23:03:51 +0000 (10:03 +1100)]
s4-acl: fixed acl.py test to use correct ldif

same problem as sec_descriptor.py

10 years agos4-secdesc: fixed the sec_descriptor.py test
Andrew Tridgell [Thu, 7 Jan 2010 23:00:35 +0000 (10:00 +1100)]
s4-secdesc: fixed the sec_descriptor.py test

The test was using a "changetype: add" to try and add a member to a
group, where it should use a "changetype: modify" with a "add: member"

Also fixed the recovery when the test fails part way through (delete
the test users at the start as well as the end)

Nadya, please check!

10 years agos4-samba3samtest: use system credentials for creating users
Andrew Tridgell [Thu, 7 Jan 2010 22:31:23 +0000 (09:31 +1100)]
s4-samba3samtest: use system credentials for creating users

10 years agos4-dsdb: fixed const misuse in acl module
Andrew Tridgell [Thu, 7 Jan 2010 22:30:59 +0000 (09:30 +1100)]
s4-dsdb: fixed const misuse in acl module

10 years agos4-dsdb: use dsdb_module_am_system() in acl module
Andrew Tridgell [Thu, 7 Jan 2010 22:30:31 +0000 (09:30 +1100)]
s4-dsdb: use dsdb_module_am_system() in acl module

10 years agos4-dsdb: allow specification of a SID if we are system
Andrew Tridgell [Thu, 7 Jan 2010 22:29:32 +0000 (09:29 +1100)]
s4-dsdb: allow specification of a SID if we are system

needed for samba3sam test

10 years agos4-dsdb: added dsdb_module_am_system()
Andrew Tridgell [Thu, 7 Jan 2010 22:29:01 +0000 (09:29 +1100)]
s4-dsdb: added dsdb_module_am_system()

better than each module inventing their own

10 years agos4-dsdb: squash some unknown structure warnings
Andrew Tridgell [Thu, 7 Jan 2010 22:28:38 +0000 (09:28 +1100)]
s4-dsdb: squash some unknown structure warnings

10 years agos4-partition: fixed selection of partitions on exact match
Andrew Tridgell [Thu, 7 Jan 2010 22:00:15 +0000 (09:00 +1100)]
s4-partition: fixed selection of partitions on exact match

When a search is on the root of a partition on the global catalog,
don't search partitions above that one.

10 years agos4-scripting: we need to use a base search for the NTDS GUID
Andrew Tridgell [Thu, 7 Jan 2010 10:28:03 +0000 (21:28 +1100)]
s4-scripting: we need to use a base search for the NTDS GUID

now we have nTDSConnections structures we can get more than 1 reply

10 years agos4:dsdb/repl: convert dreplsrv_op_pull_source_send/recv to tevent_req
Stefan Metzmacher [Wed, 30 Dec 2009 16:11:51 +0000 (17:11 +0100)]
s4:dsdb/repl: convert dreplsrv_op_pull_source_send/recv to tevent_req

metze

Signed-off-by: Andrew Tridgell <tridge@samba.org>
10 years agos4-smbd: setup the default event contexts for other process models
Andrew Tridgell [Thu, 7 Jan 2010 08:12:45 +0000 (19:12 +1100)]
s4-smbd: setup the default event contexts for other process models

10 years agos4-drs: we need to wrap extended operations in transactions
Andrew Tridgell [Thu, 7 Jan 2010 07:38:39 +0000 (18:38 +1100)]
s4-drs: we need to wrap extended operations in transactions

10 years agos4-dsdb: poke the RID Manager when completely out of RIDs too
Andrew Tridgell [Thu, 7 Jan 2010 07:38:16 +0000 (18:38 +1100)]
s4-dsdb: poke the RID Manager when completely out of RIDs too

10 years agos4-dsdb: ensure we will in all the attributes for RID Set
Andrew Tridgell [Thu, 7 Jan 2010 07:16:14 +0000 (18:16 +1100)]
s4-dsdb: ensure we will in all the attributes for RID Set

We need to go to the top of the module stack so that all the extra
attributes get filled in

10 years agos4-dsdb: added DSDB_FLAG_TOP_MODULE
Andrew Tridgell [Thu, 7 Jan 2010 07:15:34 +0000 (18:15 +1100)]
s4-dsdb: added DSDB_FLAG_TOP_MODULE

This is used when you want the dsdb_module_*() functions to go to the
top of the stack.

10 years agos4-dsdb: no longer need special invocationID handling for standalone servers
Andrew Tridgell [Thu, 7 Jan 2010 06:32:13 +0000 (17:32 +1100)]
s4-dsdb: no longer need special invocationID handling for standalone servers

They now work the same way as a DC

10 years agos4-provision: do a self join for all server types
Andrew Tridgell [Thu, 7 Jan 2010 06:31:23 +0000 (17:31 +1100)]
s4-provision: do a self join for all server types

We need a machine account so the RID allocation code can work. It
seems better to use the same code paths for a domain controller and
standalone server to avoid testing headaches with little used code.

10 years agos4-schema: added generic attributeID conversion functions
Andrew Tridgell [Thu, 7 Jan 2010 06:29:40 +0000 (17:29 +1100)]
s4-schema: added generic attributeID conversion functions

When we get one we haven't seen before, we can work out the right type
automatically in most cases.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-schema: added dsdb_attribute_by_lDAPDisplayName_ldb_val
Andrew Tridgell [Thu, 7 Jan 2010 06:27:46 +0000 (17:27 +1100)]
s4-schema: added dsdb_attribute_by_lDAPDisplayName_ldb_val

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-schema: make ldb_val to string comparison safer with nul termination
Andrew Tridgell [Thu, 7 Jan 2010 06:27:03 +0000 (17:27 +1100)]
s4-schema: make ldb_val to string comparison safer with nul termination

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-idl: regenerate DRS IDL
Andrew Tridgell [Thu, 7 Jan 2010 06:25:38 +0000 (17:25 +1100)]
s4-idl: regenerate DRS IDL

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-idl: added some more wellknown attributeIDs
Andrew Tridgell [Thu, 7 Jan 2010 06:25:19 +0000 (17:25 +1100)]
s4-idl: added some more wellknown attributeIDs

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4/dsdb_schema: Load msDS-IntId value separately when loading from LDB
Kamen Mazdrashki [Thu, 7 Jan 2010 04:04:35 +0000 (06:04 +0200)]
s4/dsdb_schema: Load msDS-IntId value separately when loading from LDB

This way we have consistent behavior when loading from DRSUAPI
and from LDB.

10 years agoRevert "s4-schema: Set ATTID in schema cache from "msDS-IntId""
Kamen Mazdrashki [Thu, 7 Jan 2010 03:08:49 +0000 (05:08 +0200)]
Revert "s4-schema: Set ATTID in schema cache from "msDS-IntId""

This reverts commit 4e8ad284f5813413fdec8426f11e24570d22549b.

10 years agos4/schema: Do not assign msDS-IntId value if LDB_CONTROL_RELAX_OID is passed
Kamen Mazdrashki [Thu, 7 Jan 2010 02:01:14 +0000 (04:01 +0200)]
s4/schema: Do not assign msDS-IntId value if LDB_CONTROL_RELAX_OID is passed

This way msDS-IntId should not be assigned during provisioning,
which is how Windows works

10 years agos4-libnet: better error messages in libnet_vampire.c
Andrew Tridgell [Thu, 7 Jan 2010 01:19:42 +0000 (12:19 +1100)]
s4-libnet: better error messages in libnet_vampire.c

10 years agos4/dsdb_schema: use msDS-IntId value for attribute look-up
Kamen Mazdrashki [Thu, 7 Jan 2010 00:47:25 +0000 (02:47 +0200)]
s4/dsdb_schema: use msDS-IntId value for attribute look-up

10 years agos4/dsdb_schema: fetch msDS-IntId value during SCHEMA replication
Kamen Mazdrashki [Thu, 7 Jan 2010 00:46:25 +0000 (02:46 +0200)]
s4/dsdb_schema: fetch msDS-IntId value during SCHEMA replication

10 years agos4/dsdb_schema: GET_UINT32_DS() macro to use supplied default value instead of 0
Kamen Mazdrashki [Wed, 6 Jan 2010 21:16:12 +0000 (23:16 +0200)]
s4/dsdb_schema: GET_UINT32_DS() macro to use supplied default value instead of 0