ira/wip.git
10 years agos3: Convert cli_sesssetup_ntlmssp to the async API
Volker Lendecke [Tue, 22 Dec 2009 22:31:20 +0000 (23:31 +0100)]
s3: Convert cli_sesssetup_ntlmssp to the async API

10 years agos3: NT_STATUS_MORE_PROCESSING_REQUIRED is a valid sesssetup return value
Volker Lendecke [Sat, 2 Jan 2010 17:14:59 +0000 (18:14 +0100)]
s3: NT_STATUS_MORE_PROCESSING_REQUIRED is a valid sesssetup return value

10 years agos3: Convert cli_session_setup_kerberos to the async API
Volker Lendecke [Sun, 20 Dec 2009 13:47:09 +0000 (14:47 +0100)]
s3: Convert cli_session_setup_kerberos to the async API

This is still cheated, acquiring the ticket is not async yet, but the SMB
part is

10 years agos3: Fix a typo
Volker Lendecke [Wed, 30 Dec 2009 19:15:33 +0000 (20:15 +0100)]
s3: Fix a typo

10 years agos3: simplify find_root_domain, find_our_domain() never fails
Volker Lendecke [Wed, 30 Dec 2009 19:09:52 +0000 (20:09 +0100)]
s3: simplify find_root_domain, find_our_domain() never fails

10 years agos3: Use global_sid_Builtin in find_builtin_domain
Volker Lendecke [Wed, 30 Dec 2009 19:11:36 +0000 (20:11 +0100)]
s3: Use global_sid_Builtin in find_builtin_domain

10 years agos3: Avoid adding a domain twice
Volker Lendecke [Mon, 28 Dec 2009 17:11:34 +0000 (18:11 +0100)]
s3: Avoid adding a domain twice

If we found a match with sid==NULL, we ended up adding the domain twice

10 years agos3: Make free_domain_list() static
Volker Lendecke [Mon, 28 Dec 2009 17:03:14 +0000 (18:03 +0100)]
s3: Make free_domain_list() static

10 years agos3: Adapt sid_dup_talloc to README.Coding
Volker Lendecke [Wed, 30 Dec 2009 10:30:13 +0000 (11:30 +0100)]
s3: Adapt sid_dup_talloc to README.Coding

10 years agos3: Introduce domain_is_forest_root() helper function
Volker Lendecke [Wed, 30 Dec 2009 09:25:41 +0000 (10:25 +0100)]
s3: Introduce domain_is_forest_root() helper function

Hopefully this makes the flag tests a bit more understandable

10 years agos4-dsdb: force REVISION_ADS for new and updated ACLs in dsdb
Andrew Tridgell [Sat, 2 Jan 2010 05:53:20 +0000 (16:53 +1100)]
s4-dsdb: force REVISION_ADS for new and updated ACLs in dsdb

w2k8-r2 gives a "schema mismatch" error if the revision is not set to
REVISION_ADS and you replicate the ntsecuritydescriptor using DRS.

Nadya, please check this!

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: don't give an error on repsTo delete if add is also specified
Andrew Tridgell [Sat, 2 Jan 2010 05:51:30 +0000 (16:51 +1100)]
s4-drs: don't give an error on repsTo delete if add is also specified

w2k8-r2 in dcpromo asks for a delete+add during its initial join.

10 years agos4-sddl: DRS replication needs REVISION_ADS for SDs
Andrew Tridgell [Sat, 2 Jan 2010 01:30:48 +0000 (12:30 +1100)]
s4-sddl: DRS replication needs REVISION_ADS for SDs

DRS replication with w2k8-r2 fails with a schema mismatch error if we
set the revision to NT4

10 years agoldb: Fix the standalone ldb build.
Jelmer Vernooij [Sat, 2 Jan 2010 01:40:30 +0000 (02:40 +0100)]
ldb: Fix the standalone ldb build.

10 years agolibreplace: some systems don't have memmem()
Andrew Tridgell [Fri, 1 Jan 2010 23:01:11 +0000 (10:01 +1100)]
libreplace: some systems don't have memmem()

added rep_memmem() and a testsuite

10 years agos4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNs
Andrew Tridgell [Fri, 1 Jan 2010 21:14:52 +0000 (08:14 +1100)]
s4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNs

This allows for more flags in the future

10 years agos4-kcc: added a preiodic task to remove deleted objects
Andrew Tridgell [Wed, 30 Dec 2009 10:40:17 +0000 (21:40 +1100)]
s4-kcc: added a preiodic task to remove deleted objects

we check for deleted objects in each partition every 10 minutes, using
onelevel searches

10 years agos4-dsdb: fixed several memory leaks
Andrew Tridgell [Wed, 30 Dec 2009 10:39:24 +0000 (21:39 +1100)]
s4-dsdb: fixed several memory leaks

need to be careful with those temporary contexts

10 years agos4-dsdb: fixed samdb_create_foreign_security_principal() to use the wellknown GUID
Andrew Tridgell [Wed, 30 Dec 2009 10:38:21 +0000 (21:38 +1100)]
s4-dsdb: fixed samdb_create_foreign_security_principal() to use the wellknown GUID

This also fixes a memory leak

10 years agos4-ldb: fixed valgrind error: ares can be freed by callback
Andrew Tridgell [Wed, 30 Dec 2009 10:36:31 +0000 (21:36 +1100)]
s4-ldb: fixed valgrind error: ares can be freed by callback

10 years agos4-dsdb: make sure 'whenChanged' is set on modify
Andrew Tridgell [Wed, 30 Dec 2009 09:05:02 +0000 (20:05 +1100)]
s4-dsdb: make sure 'whenChanged' is set on modify

We also should preserve (and then replace) whenChanged on delete

10 years agos4-dsdb: added dsdb_tombstone_lifetime()
Andrew Tridgell [Wed, 30 Dec 2009 09:04:17 +0000 (20:04 +1100)]
s4-dsdb: added dsdb_tombstone_lifetime()

10 years agos4-dsdb: allow system to remove deleted objects
Andrew Tridgell [Wed, 30 Dec 2009 07:47:51 +0000 (18:47 +1100)]
s4-dsdb: allow system to remove deleted objects

This will be used by a periodic job to remove tombstoned objects

10 years agos4-ldaptest: need to use MessageElement for modify messages
Andrew Tridgell [Tue, 29 Dec 2009 23:54:03 +0000 (10:54 +1100)]
s4-ldaptest: need to use MessageElement for modify messages

Without MessageElement() the flags are not set, which is invalid

10 years agos4-ldb: show an error string, as well as error message
Andrew Tridgell [Tue, 29 Dec 2009 23:53:36 +0000 (10:53 +1100)]
s4-ldb: show an error string, as well as error message

This makes it easier to track down error mismatches from the test
suite

10 years agos4-drs: make sure the DNs we put in the db have a extended GUID
Andrew Tridgell [Tue, 29 Dec 2009 23:52:55 +0000 (10:52 +1100)]
s4-drs: make sure the DNs we put in the db have a extended GUID

10 years agos4-dsdb: added dsdb_set_extended_dn_guid()
Andrew Tridgell [Tue, 29 Dec 2009 23:52:14 +0000 (10:52 +1100)]
s4-dsdb: added dsdb_set_extended_dn_guid()

10 years agos4-ldbtest: fixed message element in modify
Andrew Tridgell [Tue, 29 Dec 2009 00:41:19 +0000 (11:41 +1100)]
s4-ldbtest: fixed message element in modify

a flags value of zero is not valid

10 years agos4-ldb: allow modules to override error return values
Andrew Tridgell [Tue, 29 Dec 2009 00:40:30 +0000 (11:40 +1100)]
s4-ldb: allow modules to override error return values

The samldb module overrides the error code for some returns when
handling primaryGroupID. We need to take the error from the async
callback to allow this to work reliably

10 years agos4-ldbmodify: show the error code as well as error string
Andrew Tridgell [Tue, 29 Dec 2009 00:39:29 +0000 (11:39 +1100)]
s4-ldbmodify: show the error code as well as error string

10 years agos4-ldb: declate ldb_val_to_time()
Andrew Tridgell [Tue, 29 Dec 2009 00:39:05 +0000 (11:39 +1100)]
s4-ldb: declate ldb_val_to_time()

10 years agos4-ldb: use safe length limited conversions for int64 and time
Andrew Tridgell [Tue, 29 Dec 2009 00:38:49 +0000 (11:38 +1100)]
s4-ldb: use safe length limited conversions for int64 and time

10 years agos4-dsdb: use safe length limiting in string->integer conversion
Andrew Tridgell [Tue, 29 Dec 2009 00:38:17 +0000 (11:38 +1100)]
s4-dsdb: use safe length limiting in string->integer conversion

The ldap.py test suite could trigger a read past the end of the struct
ldb_val buffer

10 years agos4-dsdb: use ldb_val_to_time() instead of ldb_string_to_time()
Andrew Tridgell [Tue, 29 Dec 2009 00:37:17 +0000 (11:37 +1100)]
s4-dsdb: use ldb_val_to_time() instead of ldb_string_to_time()

10 years agos4-ldb: added ldb_val_to_time()
Andrew Tridgell [Tue, 29 Dec 2009 00:36:37 +0000 (11:36 +1100)]
s4-ldb: added ldb_val_to_time()

This is intended as a replacement for ldb_string_to_time() for ldb_val
inputs. This ensures it is length limited and includes additional
validity checks

10 years agos4-drs: sort linked attributes
Andrew Tridgell [Mon, 28 Dec 2009 06:22:40 +0000 (17:22 +1100)]
s4-drs: sort linked attributes

See MS-DRSR section 4.1.10.5.17 for a description of the sorting
comparison function

10 years agos4-drs: re-resolve the DN in linked attribute processing
Andrew Tridgell [Mon, 28 Dec 2009 06:22:12 +0000 (17:22 +1100)]
s4-drs: re-resolve the DN in linked attribute processing

w2k8-r2 sometimes sends the DN with an old target

10 years agos4-drs: use dsdb_module_rename()
Andrew Tridgell [Mon, 28 Dec 2009 06:20:13 +0000 (17:20 +1100)]
s4-drs: use dsdb_module_rename()

Use the new dsdb_module_rename() for DRS rename handling, instead of
ldb_rename(). This stops us going to the top of the module stack on a
rename.

10 years agos4-drs: use dsdb linked attribute parse functions
Andrew Tridgell [Mon, 28 Dec 2009 06:19:29 +0000 (17:19 +1100)]
s4-drs: use dsdb linked attribute parse functions

This makes the code considerably more readable

10 years agos4-dsdb: added parse functions for DRS linked attribute blobs
Andrew Tridgell [Mon, 28 Dec 2009 06:18:14 +0000 (17:18 +1100)]
s4-dsdb: added parse functions for DRS linked attribute blobs

10 years agos4-drs: set flag to indicate that we do support linked attributes
Andrew Tridgell [Mon, 28 Dec 2009 03:11:37 +0000 (14:11 +1100)]
s4-drs: set flag to indicate that we do support linked attributes

10 years agos4-ldb: show the error code as well as errstr
Andrew Tridgell [Tue, 22 Dec 2009 01:31:42 +0000 (12:31 +1100)]
s4-ldb: show the error code as well as errstr

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: fixed valgrind error in replmd modify
Andrew Tridgell [Tue, 22 Dec 2009 01:21:02 +0000 (12:21 +1100)]
s4-dsdb: fixed valgrind error in replmd modify

We are using the values from a search result, so we need to steal them
onto the msg before we free the search results

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: don't try to remove backlinks directly
Andrew Tridgell [Mon, 21 Dec 2009 10:28:04 +0000 (21:28 +1100)]
s4-drs: don't try to remove backlinks directly

backlinks need to be removed as a side effect of removing the forward
link

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: isRecycled only exists in FL W2K8-R2
Andrew Tridgell [Mon, 21 Dec 2009 10:27:16 +0000 (21:27 +1100)]
s4-drs: isRecycled only exists in FL W2K8-R2

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: use DSDB_FLAG_OWN_MODULE
Andrew Tridgell [Mon, 21 Dec 2009 10:26:15 +0000 (21:26 +1100)]
s4-drs: use DSDB_FLAG_OWN_MODULE

We need DRS driven replication changes to update replPropertyMetaData,
so it needs to call into the repl_meta_data module logic

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: update comment to refect only forward link in this fn
Andrew Tridgell [Mon, 21 Dec 2009 10:25:27 +0000 (21:25 +1100)]
s4-drs: update comment to refect only forward link in this fn

This function only update forward links

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: fixed typo for uSNCreated
Andrew Tridgell [Mon, 21 Dec 2009 10:24:18 +0000 (21:24 +1100)]
s4-drs: fixed typo for uSNCreated

This broke DRS replication from samba to windows

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: use dsdb_module_guid_by_dn()
Andrew Tridgell [Mon, 21 Dec 2009 10:23:18 +0000 (21:23 +1100)]
s4-drs: use dsdb_module_guid_by_dn()

We should not be going to the top of the module stack

10 years agos4-drs: cope better with NULL GUIDS from DRS
Andrew Tridgell [Mon, 21 Dec 2009 10:21:55 +0000 (21:21 +1100)]
s4-drs: cope better with NULL GUIDS from DRS

It is valid to get a NULL GUID over DRS for a deleted forward link. We
need to match by DN if possible when seeing if we should update an
existing link.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: give an error message in repl_meta_data if we don't get a partition control
Andrew Tridgell [Mon, 21 Dec 2009 10:19:55 +0000 (21:19 +1100)]
s4-drs: give an error message in repl_meta_data if we don't get a partition control

10 years agos4-drs: treat a zero GUID as not present in replmd_add_fix_la
Andrew Tridgell [Mon, 21 Dec 2009 10:18:31 +0000 (21:18 +1100)]
s4-drs: treat a zero GUID as not present in replmd_add_fix_la

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: update highwatermark after successfully encoding the object
Andrew Tridgell [Mon, 21 Dec 2009 10:16:35 +0000 (21:16 +1100)]
s4-drs: update highwatermark after successfully encoding the object

10 years agos4-drs: send all linked attributes at the end of a replication cycle
Andrew Tridgell [Mon, 21 Dec 2009 10:13:59 +0000 (21:13 +1100)]
s4-drs: send all linked attributes at the end of a replication cycle

This ensures that a link is not seen before the object it points to

10 years agos4-drs: use the extended linearized form for DRS replication
Andrew Tridgell [Mon, 21 Dec 2009 10:12:19 +0000 (21:12 +1100)]
s4-drs: use the extended linearized form for DRS replication

We were sending zero GUIDs. Not good!

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: implemented sorting functions based on replication flags
Andrew Tridgell [Mon, 21 Dec 2009 10:10:41 +0000 (21:10 +1100)]
s4-drs: implemented sorting functions based on replication flags

I think we probably have more work to do on the sort order, but this
brings us a bit closer.

10 years agos4-drs: we are doing the sorting for getncchanges in the app code now
Andrew Tridgell [Mon, 21 Dec 2009 10:06:56 +0000 (21:06 +1100)]
s4-drs: we are doing the sorting for getncchanges in the app code now

the sorting is quite delicate, and easier to get right in the
getncchanges code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-drs: give a reason when an AddEntry commit fails
Andrew Tridgell [Mon, 21 Dec 2009 10:05:50 +0000 (21:05 +1100)]
s4-drs: give a reason when an AddEntry commit fails

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-schema: don't fill in the extended DN with a zero GUID
Andrew Tridgell [Mon, 21 Dec 2009 10:01:33 +0000 (21:01 +1100)]
s4-schema: don't fill in the extended DN with a zero GUID

sometimes windows sends us a zero GUID in a DRS DN.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agosd-schema: order DRS classes on the wire in reverse order
Andrew Tridgell [Mon, 21 Dec 2009 09:59:57 +0000 (20:59 +1100)]
sd-schema: order DRS classes on the wire in reverse order

windows sends objectclasses in DRS in the opposite order to what LDAP
uses

10 years agos4-dsdb: added DSDB_FLAG_OWN_MODULE
Andrew Tridgell [Mon, 21 Dec 2009 09:59:08 +0000 (20:59 +1100)]
s4-dsdb: added DSDB_FLAG_OWN_MODULE

This allows you to call dsdb_module_*() functions while including the
current module in the module stack to be used

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-ldb: added ldb_module_get_ops()
Andrew Tridgell [Mon, 21 Dec 2009 10:03:11 +0000 (21:03 +1100)]
s4-ldb: added ldb_module_get_ops()

This is needed to support DSDB_FLAG_OWN_MODULE

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: use a common method for finding a link pair
Andrew Tridgell [Sun, 20 Dec 2009 00:53:09 +0000 (11:53 +1100)]
s4-dsdb: use a common method for finding a link pair

Use ^1 everywhere, to ensure it works for both forward and backward
links

10 years agos4-drs: fixed the UDV return in getncchanges
Andrew Tridgell [Sat, 19 Dec 2009 23:27:03 +0000 (10:27 +1100)]
s4-drs: fixed the UDV return in getncchanges

We should overwrite an existing entry if found

10 years agos4-drs: some useful debugging options for getncchanges
Andrew Tridgell [Sat, 19 Dec 2009 13:12:35 +0000 (00:12 +1100)]
s4-drs: some useful debugging options for getncchanges

Added two debugging parametric options

  drs:max object sync =
  drs:extra filter =

10 years agos4-dsdb: fill in the correct version number of links that come over DRS
Andrew Tridgell [Sat, 19 Dec 2009 13:10:40 +0000 (00:10 +1100)]
s4-dsdb: fill in the correct version number of links that come over DRS

10 years agos4-dsdb: move checking for single valued links to samba modules
Andrew Tridgell [Sat, 19 Dec 2009 10:42:40 +0000 (21:42 +1100)]
s4-dsdb: move checking for single valued links to samba modules

This uses the RELAX control and checking of single valued attributes
in ldb modules to avoid problems with multi-valued links where all
values but one are deleted

10 years agos4-dsdb: added dsdb_check_single_valued_link()
Andrew Tridgell [Sat, 19 Dec 2009 10:40:55 +0000 (21:40 +1100)]
s4-dsdb: added dsdb_check_single_valued_link()

This is used in conjunction with the RELAX control, to check for
violations of single value rules for linked attributes

10 years agos4-drs: handle mixtures of old and new style links in getncchanges
Andrew Tridgell [Sat, 19 Dec 2009 09:59:04 +0000 (20:59 +1100)]
s4-drs: handle mixtures of old and new style links in getncchanges

We need to send non-upgraded links using the old format

10 years agos4-dsdb: added dsdb_dn_is_upgraded_link_val()
Andrew Tridgell [Sat, 19 Dec 2009 09:55:46 +0000 (20:55 +1100)]
s4-dsdb: added dsdb_dn_is_upgraded_link_val()

This is used to detect if a link has been stored in the w2k3 extended
format

10 years agos4-ldb: use the RELAX control to disable single value checking on replace
Andrew Tridgell [Sat, 19 Dec 2009 09:55:11 +0000 (20:55 +1100)]
s4-ldb: use the RELAX control to disable single value checking on replace

When using w2k3 linked attributes we are allowed to have multiple
values on a single valued attribute. This happens when the other
values are deleted.

Setting the RELAX control tell the ldb-tdb backend to not check for
this on replace, which means the caller has to check for single valued
violations.

10 years agos4-dsdb: auto-upgrade w2k formatted linked attributes when modified
Andrew Tridgell [Sat, 19 Dec 2009 08:57:37 +0000 (19:57 +1100)]
s4-dsdb: auto-upgrade w2k formatted linked attributes when modified

When any value of a w2k formatted linked attribute is modified,
upgrade the links.

10 years agos4-drs: added linked attribute replication to getncchanges
Andrew Tridgell [Sat, 19 Dec 2009 01:25:09 +0000 (12:25 +1100)]
s4-drs: added linked attribute replication to getncchanges

10 years agos4-dsdb: ask for REVEAL_INTERNALS in getncchanges
Andrew Tridgell [Sat, 19 Dec 2009 01:24:09 +0000 (12:24 +1100)]
s4-dsdb: ask for REVEAL_INTERNALS in getncchanges

We need this for the linked attribute meta data

10 years agos4-dsdb: minor cleanup in DRS replicated objects code
Andrew Tridgell [Sat, 19 Dec 2009 01:23:22 +0000 (12:23 +1100)]
s4-dsdb: minor cleanup in DRS replicated objects code

10 years agos4-dsdb: store full meta data from DRS for linked attributes
Andrew Tridgell [Fri, 18 Dec 2009 09:57:21 +0000 (20:57 +1100)]
s4-dsdb: store full meta data from DRS for linked attributes

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: add REVEAL_INTERNALS in the search for linked_attributes
Andrew Tridgell [Fri, 18 Dec 2009 09:56:04 +0000 (20:56 +1100)]
s4-dsdb: add REVEAL_INTERNALS in the search for linked_attributes

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: allow the component name to be specified in dsdb_get_extended_dn_guid()
Andrew Tridgell [Fri, 18 Dec 2009 09:51:37 +0000 (20:51 +1100)]
s4-dsdb: allow the component name to be specified in dsdb_get_extended_dn_guid()

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: split RMD_USN into RMD_LOCAL_USN and RMD_ORIGINATING_USN
Andrew Tridgell [Fri, 18 Dec 2009 01:47:31 +0000 (12:47 +1100)]
s4-dsdb: split RMD_USN into RMD_LOCAL_USN and RMD_ORIGINATING_USN

We need a separate RMD_LOCAL_USN to allow us to tell what attributes
need to be sent in a getncchanges request. Thanks to Metze for
pointing this out.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: handle links with no backlinks in replmd_delete
Andrew Tridgell [Thu, 17 Dec 2009 12:50:41 +0000 (23:50 +1100)]
s4-dsdb: handle links with no backlinks in replmd_delete

10 years agos4-dsdb: simplify the linked_attributes module
Andrew Tridgell [Thu, 17 Dec 2009 12:02:08 +0000 (23:02 +1100)]
s4-dsdb: simplify the linked_attributes module

The linked_attributes module only has to deal with renames now, as
other linked attribute updates happen in repl_meta_data. This allows
it to be much simpler.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: do the rename after the modify in replmd_delete
Andrew Tridgell [Thu, 17 Dec 2009 12:00:16 +0000 (23:00 +1100)]
s4-dsdb: do the rename after the modify in replmd_delete

This makes updating the links a bit easier

10 years agos4-dsdb: some backlinks can be processed immediately
Andrew Tridgell [Wed, 16 Dec 2009 23:50:34 +0000 (10:50 +1100)]
s4-dsdb: some backlinks can be processed immediately

backlinks in add and delete operations can be processed immediately,
rather than at the end of a transaction. This can save on backlink
list processing time.

10 years agos4-dsdb: remove linked_attributes_add
Andrew Tridgell [Wed, 16 Dec 2009 23:42:44 +0000 (10:42 +1100)]
s4-dsdb: remove linked_attributes_add

This is now handled in the repl_meta_data module

10 years agos4-dsdb: add linked attributes meta_data handling to replmd_add
Andrew Tridgell [Wed, 16 Dec 2009 23:42:15 +0000 (10:42 +1100)]
s4-dsdb: add linked attributes meta_data handling to replmd_add

This also handles the backlink creation that was previously in the
linked_attributes module

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: added replmd_delete, based on Eduardos work
Andrew Tridgell [Wed, 16 Dec 2009 06:24:21 +0000 (17:24 +1100)]
s4-dsdb: added replmd_delete, based on Eduardos work

This implements repmld_delete(), which handles the meta_data updates
for an object when deleting. A delete gets mapped to a combination
of a rename followed by a modify request, which has the effect of
moving the object into the Deleted Objects container.

This is based on the code from Eduardo Lima
<eduardoll@gmail.com>. Eduardo's code was modified to take account of
the linked attributes changes that Andrew and I have been working on.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: the linked_attributes module no longer handles deletes
Andrew Tridgell [Wed, 16 Dec 2009 06:15:23 +0000 (17:15 +1100)]
s4-dsdb: the linked_attributes module no longer handles deletes

delete handling is now moved into repl_meta_data

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: repl_meta_data now replaces objectguid in all cases
Andrew Tridgell [Wed, 16 Dec 2009 06:14:26 +0000 (17:14 +1100)]
s4-dsdb: repl_meta_data now replaces objectguid in all cases

We don't want to be debugging two different code paths through the ldb
module stack, so better to always do the work of repl_meta_data, even
for a standalone server

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: add a comment on the use of ldb_rename()
Andrew Tridgell [Wed, 16 Dec 2009 01:01:51 +0000 (12:01 +1100)]
s4-dsdb: add a comment on the use of ldb_rename()

We need to use ldb_rename() and not dsdb_module_rename() here as we
need the rename to be processed by the current module

10 years agos4-dsdb: linked_attributes_modify no longer handles modifies
Andrew Tridgell [Wed, 16 Dec 2009 00:34:58 +0000 (11:34 +1100)]
s4-dsdb: linked_attributes_modify no longer handles modifies

This functionality has moved into repl_meta_data

10 years agos4-dsdb: added support for backlinks in repl_meta_data
Andrew Tridgell [Wed, 16 Dec 2009 00:34:33 +0000 (11:34 +1100)]
s4-dsdb: added support for backlinks in repl_meta_data

backlinks need more careful handling now that we store the additional
meta data for deleted links. It is easier to handle this in
repl_meta_data than in linked_attributes.

Eventually linked_attributes will disappear, with the functionality
moved into repl_meta_data.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: implemeneted replmd_modify_la_replace()
Andrew Tridgell [Mon, 14 Dec 2009 10:54:41 +0000 (21:54 +1100)]
s4-dsdb: implemeneted replmd_modify_la_replace()

We now have the core code for handling storage of linked attribute
meta-data with local modifies

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: add a TODO item for linked attributes in extended_dn_out
Andrew Tridgell [Thu, 10 Dec 2009 12:49:02 +0000 (23:49 +1100)]
s4-dsdb: add a TODO item for linked attributes in extended_dn_out

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agos4-dsdb: add support for storing linked attribute meta data in extended DNs
Andrew Tridgell [Thu, 10 Dec 2009 12:48:30 +0000 (23:48 +1100)]
s4-dsdb: add support for storing linked attribute meta data in extended DNs

When in functional levels above w2k, we need to store much richer meta
data about linkked attributes. We also need to keep deleted linked
attributes around to allow the deletion to be propogated to other DCs.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

10 years agoheimdal_build: Explicitly specify 'YES' when enabling external
Jelmer Vernooij [Fri, 1 Jan 2010 17:32:37 +0000 (18:32 +0100)]
heimdal_build: Explicitly specify 'YES' when enabling external
libraries.

10 years agos4/build: Indicate whether Samba4 is being built against the system
Jelmer Vernooij [Fri, 1 Jan 2010 17:31:44 +0000 (18:31 +0100)]
s4/build: Indicate whether Samba4 is being built against the system
Heimdal.

10 years agos4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error)
Andrew Tridgell [Thu, 31 Dec 2009 05:53:14 +0000 (16:53 +1100)]
s4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error)

10 years agos4-testpasswords: fixed CONFIG and quoting
Andrew Tridgell [Thu, 31 Dec 2009 05:52:49 +0000 (16:52 +1100)]
s4-testpasswords: fixed CONFIG and quoting

Need to pass correct config file to tests

10 years agos4-net: fixed pwsettings command
Andrew Tridgell [Thu, 31 Dec 2009 05:52:15 +0000 (16:52 +1100)]
s4-net: fixed pwsettings command

Don't override user settings with current settings

10 years agopy/security: Add test for dom_sid.split.
Jelmer Vernooij [Wed, 30 Dec 2009 20:59:50 +0000 (21:59 +0100)]
py/security: Add test for dom_sid.split.

Signed-off-by: Andrew Tridgell <tridge@samba.org>