12 years agor24109: Add a wb_name2domain call
Kai Blin [Tue, 31 Jul 2007 23:49:04 +0000 (23:49 +0000)]
r24109: Add a wb_name2domain call

12 years agor24108: Split out samba3_parse_domuser to a seperate file and rename, so it can be
Kai Blin [Tue, 31 Jul 2007 23:43:59 +0000 (23:43 +0000)]
r24108: Split out samba3_parse_domuser to a seperate file and rename, so it can be
used for a name2domain call.

12 years agor24083: Don't fail the test (looking for the user in the enum) if we didn't
Andrew Bartlett [Mon, 30 Jul 2007 10:43:50 +0000 (10:43 +0000)]
r24083: Don't fail the test (looking for the user in the enum) if we didn't
create the user in the first place.

Andrew Bartlett

12 years agor24082: Following the removal of a fanstsy condition from the SAMR testsuite,
Andrew Bartlett [Mon, 30 Jul 2007 10:37:33 +0000 (10:37 +0000)]
r24082: Following the removal of a fanstsy condition from the SAMR testsuite,
allow the server side to enumerate all domain controllers and domain

Andrew Bartlett

12 years agor24081: Domain Controllers are also shown in this enumeration.
Andrew Bartlett [Mon, 30 Jul 2007 10:34:23 +0000 (10:34 +0000)]
r24081: Domain Controllers are also shown in this enumeration.

Andrew Bartlett

12 years agor24080: Set the primary group (matching windows) when creating new users in
Andrew Bartlett [Mon, 30 Jul 2007 10:30:34 +0000 (10:30 +0000)]
r24080: Set the primary group (matching windows) when creating new users in
SAMR.  This can't be done in the ldb templates code, as it doesn't
happen over direct LDAP.

As noted in bug #4829.

Andrew Bartlett

12 years agor24076: Make ldap.js pass against Win2k3 again (looks like we don't match AD
Andrew Bartlett [Mon, 30 Jul 2007 10:05:47 +0000 (10:05 +0000)]
r24076: Make ldap.js pass against Win2k3 again (looks like we don't match AD
on this error code, but allow both for now).

Also prove that bug #4829 needs a different solution: we can't fix
this by changing the template.  I think this fix needs to be in the
SAMR server.

Andrew Bartlett

12 years agor24075: As suggested by metze, match the behaviour of ntvfs_posix, and remove
Andrew Bartlett [Mon, 30 Jul 2007 09:04:28 +0000 (09:04 +0000)]
r24075: As suggested by metze, match the behaviour of ntvfs_posix, and remove
the backend data (effectivly closing the handle) when we close an IPC

This should fix #4821.

Andrew Bartlett

12 years agor24074: Test both permitted logon hours and permitted workstations in the
Andrew Bartlett [Mon, 30 Jul 2007 08:58:39 +0000 (08:58 +0000)]
r24074: Test both permitted logon hours and permitted workstations in the

This showed that, as noted by bug #4823, we didn't test for invalid
workstations.  In fact, the code had been ported across, but because
untested code is broken code, it never worked...

Andrew Bartlett

12 years agor24061: Anther part of bug #4823, which is that until now Samba4 didn't parse
Andrew Bartlett [Fri, 27 Jul 2007 06:31:12 +0000 (06:31 +0000)]
r24061: Anther part of bug #4823, which is that until now Samba4 didn't parse
the logon hours, even if set.

This code happily stolen from the great work in Samba3 :-)

Andrew Bartlett

12 years agor24060: Fix bug #4806 by Matthias Wallnöfer <>: We need to
Andrew Bartlett [Fri, 27 Jul 2007 03:08:15 +0000 (03:08 +0000)]
r24060: Fix bug #4806 by Matthias Wallnöfer <>: We need to
include the attribute allowedChildClassesEffective for MMC to allow
the creation of containers.

This may need further refinement, but it seems to work for now.

Andrew Bartlett

12 years agor24059: Fix bug 4822 reported by Matthias Wallnöfer <>.
Andrew Bartlett [Fri, 27 Jul 2007 02:07:17 +0000 (02:07 +0000)]
r24059: Fix bug 4822 reported by Matthias Wallnöfer <>.

Any SAMR client (usrmgr.exe in this case) that attempted to set a
property to a zero length string found instead the the old value was

In fixing this, rework the macros to be cleaner (add the
always-present .string) to every macro, and remove the use of the
samdb_modify() and samdb_replace() wrappers where possible.

Andrew Bartlett

12 years agor24054: Fix some warnings
Volker Lendecke [Thu, 26 Jul 2007 07:48:14 +0000 (07:48 +0000)]
r24054: Fix some warnings

12 years agor24053: Ensure we filter EnumDomainUsers with the supplied mask.
Andrew Bartlett [Thu, 26 Jul 2007 07:27:46 +0000 (07:27 +0000)]
r24053: Ensure we filter EnumDomainUsers with the supplied mask.

Should fix another part (list of domains in usrmgr incorrectly
including accounts) of bug #4815 by

Andrew Bartlett

12 years agor24052: Fix some of the NT4 usrmgr.exe portions of bug 4815.
Andrew Bartlett [Thu, 26 Jul 2007 03:50:24 +0000 (03:50 +0000)]
r24052: Fix some of the NT4 usrmgr.exe portions of bug 4815.

 - The icons in usermgr were incorrect, because the acct_flags were
   not filled in (due to missing attribute in ldb query)

 - The Full name was missing, and the description used as the full
   name (due to missing attributes in ldb query and incorrect IDL)

To prove the correctness of these fixes, I added a substantial new
test to RPC-SAMR-USERS, to ensure cross-consistancy between
QueryDisplayInfo and QueryUserInfo on each user.

This showed that for some reason, we must add ACB_NORMAL to the
acct_flags on level 2 queries (for machine trust accounts)...

Getting this right is important, because Samba3's RPC winbind methods
uses these queries.

Andrew Bartlett

12 years agor24051: more monitor function calls and monitor msg names
Rafal Szczesniak [Wed, 25 Jul 2007 23:17:02 +0000 (23:17 +0000)]
r24051: more monitor function calls and monitor msg names
convention change.


12 years agor24041: After metze's ack, check in torture_comment from Zack Krisch
Volker Lendecke [Wed, 25 Jul 2007 09:57:14 +0000 (09:57 +0000)]
r24041: After metze's ack, check in torture_comment from Zack Krisch

12 years agor24012: Remove duplicate code block (from bad merge).
Andrew Bartlett [Tue, 24 Jul 2007 06:03:03 +0000 (06:03 +0000)]
r24012: Remove duplicate code block (from bad merge).

Andrew Bartlett

12 years agor24011: Keep the connect handle around in libnet, in case we want it.
Andrew Bartlett [Tue, 24 Jul 2007 06:02:32 +0000 (06:02 +0000)]
r24011: Keep the connect handle around in libnet, in case we want it.

Andrew Bartlett

12 years agor24010: Fix warning for the function paramter to qsort().
Andrew Bartlett [Tue, 24 Jul 2007 06:01:30 +0000 (06:01 +0000)]
r24010: Fix warning for the function paramter to qsort().

Andrew Bartlett

12 years agor23995: Work to allow mimir's libnet code to be called from winbind.
Andrew Bartlett [Mon, 23 Jul 2007 02:56:51 +0000 (02:56 +0000)]
r23995: Work to allow mimir's libnet code to be called from winbind.

We now setup a libnet_ctx for each domain.  We should then be able to
replace/merge some more of the winbind code with libnet calls,
referencing domain->libnet_ctx.

Andrew Bartlett

12 years agor23994: Finish my work to ensure that non-root and non-administrator users
Andrew Bartlett [Mon, 23 Jul 2007 02:10:11 +0000 (02:10 +0000)]
r23994: Finish my work to ensure that non-root and non-administrator users
cannot vampire, provision or upgrade a Samba4 server via SWAT.

(The previous commit was an accident, and not complete).

This should get Samba4 closer to being 'secure' for an alpha release.

Andrew Bartlett

12 years agor23993: Attempt to fix bug #4808, reported by The issue
Andrew Bartlett [Mon, 23 Jul 2007 01:46:39 +0000 (01:46 +0000)]
r23993: Attempt to fix bug #4808, reported by  The issue
is that when we all ldb_msg_add_empty(), we might realloc() the
msg->elements array.  We need to ensure the source pointer (when
copying an element from the same msg) is still valid, or the data

Andrew Bartlett

12 years agor23982: Fix use-after-realloc() found by valgrind and
Andrew Bartlett [Sat, 21 Jul 2007 10:14:46 +0000 (10:14 +0000)]
r23982: Fix use-after-realloc() found by valgrind and

Should fix bug #4804.

Andrew Bartlett

12 years agor23980: Fix one more use of pwrite in expand_file.
Michael Adam [Fri, 20 Jul 2007 16:31:32 +0000 (16:31 +0000)]
r23980: Fix one more use of pwrite in expand_file.


12 years agor23979: Fix another occurence of (written != requested) as an
Michael Adam [Fri, 20 Jul 2007 15:00:58 +0000 (15:00 +0000)]
r23979: Fix another occurence of (written != requested) as an
error condition to write. This is in tdb_new_database.

Fix one call to tdb_new_database in tdb_open_ex to not
overwrite the newly propagated errno (typically ENOSPC).


12 years agor23978: Merge r23161 from Samba3:
Michael Adam [Fri, 20 Jul 2007 14:52:47 +0000 (14:52 +0000)]
r23978: Merge r23161 from Samba3:

Add TDB_VOLATILE as open_flag to activate the per-hashchain dead record

12 years agor23977: Im prove the pwrite-patch to tdb_expand_file of r23972:
Michael Adam [Fri, 20 Jul 2007 14:23:12 +0000 (14:23 +0000)]
r23977: Im prove the pwrite-patch to tdb_expand_file of r23972:

* prevent infinite loops due to 0 bytes written:
  try once more. if we still get 0 as return,
  set errno to ENOSPC and return -1 (error)

* replace int by correct types (ssize_t and size_t).

* print a warning log message in case "written < requested to write"
  usually this means, that the next call to pwrite will fail
  with return value -1 and set errno accordingly.

  Note that the former error condition "written != requested to write"
  is not a correct error condition of write/pwrite. If this is due
  to an error, a subsequent call to (p)write will reveal the cause
  (typically "no space left on device" - ENOSPC).


12 years agor23972: Fix a bug in pwrite error detection in tdb_expand_file():
Michael Adam [Thu, 19 Jul 2007 13:46:26 +0000 (13:46 +0000)]
r23972: Fix a bug in pwrite error detection in tdb_expand_file():
The proper error condition is (ret == -1) instead of
(ret != number_of_byte_told_to_write).


12 years agor23966: It isn't great, but at least now we have some access control in SWAT
Andrew Bartlett [Thu, 19 Jul 2007 07:48:26 +0000 (07:48 +0000)]
r23966: It isn't great, but at least now we have some access control in SWAT

This patch prevents non-root and non-administrator users from running
the provision, upgrade and vampire pages.  *I think* the rest of SWAT
is LDB operations, or otherwise authenticated, so we should now be

I wish I had a better way to 'prove' we got this right, but this is better than nothing, and moves us closer to an alpha.

Andrew Bartlett

12 years agor23965: Add testing the 'net time' command to the script.
Andrew Bartlett [Thu, 19 Jul 2007 06:44:18 +0000 (06:44 +0000)]
r23965: Add testing the 'net time' command to the script.

Andrew Bartlett

12 years agor23964: Update blackbox selftest scripts to cover more code, and to more
Andrew Bartlett [Thu, 19 Jul 2007 06:40:42 +0000 (06:40 +0000)]
r23964: Update blackbox selftest scripts to cover more code, and to more
consistantly report errors.  (Some were being lost due to the "echo
foo | cmd" calling convention).

Andrew Bartlett

12 years agor23961: Allow SWAT to operate on x86_64 machines.
Andrew Bartlett [Thu, 19 Jul 2007 04:00:32 +0000 (04:00 +0000)]
r23961: Allow SWAT to operate on x86_64 machines.

On machines with a 4 byte int, and a 8 byte pointer, the ESP could would fail.

The problem is that 0 != NULL.  0 is an int (4 bytes) and NULL is a
pointer (8), and this matters critically to varargs functions.

If a 0 was passed as the 'terminating' argument, then only 4 bytes
would be written to the stack, but va_arg(ap, char *) would try and
pull 8, reading uninitalised memory.

Andrew Bartlett

12 years agor23960: Don't destory the 'reason' for terminating the service before printing it.
Andrew Bartlett [Thu, 19 Jul 2007 03:57:44 +0000 (03:57 +0000)]
r23960: Don't destory the 'reason' for terminating the service before printing it.

Andrew Bartlett

12 years agor23959: add more monitor messages support that's been sitting around on my
Rafal Szczesniak [Wed, 18 Jul 2007 21:24:37 +0000 (21:24 +0000)]
r23959: add more monitor messages support that's been sitting around on my
laptop for a while.


12 years agor23950: unlink before rename is superfluous.
Michael Adam [Wed, 18 Jul 2007 08:29:00 +0000 (08:29 +0000)]
r23950: unlink before rename is superfluous.


12 years agor23925: Use NULL instead of 0 for a void * argument.
Michael Adam [Tue, 17 Jul 2007 10:30:13 +0000 (10:30 +0000)]
r23925: Use NULL instead of 0 for a void * argument.

12 years agor23912: We always accept / as a seperator, and it is far less confusing
Andrew Bartlett [Tue, 17 Jul 2007 05:40:36 +0000 (05:40 +0000)]
r23912: We always accept / as a seperator, and it is far less confusing
compared with a shell-escape (\).

Fixes bug #4765

Andrew Bartlett

12 years agor23907: Fix bug 4790 reported by
Andrew Bartlett [Tue, 17 Jul 2007 00:10:53 +0000 (00:10 +0000)]
r23907: Fix bug 4790 reported by

Before the provisioning enters to the function provision_default_paths (in
scripting/libjs/provision.js), the variable subobj.DNSDOMAIN isn't properly set
(for example for the filename of the DNS zonefile).

Andrew Bartlett

12 years agor23905: SATOH Fumiyasu <> points out that we want &&, not ; here...
Andrew Bartlett [Mon, 16 Jul 2007 23:38:29 +0000 (23:38 +0000)]
r23905: SATOH Fumiyasu <> points out that we want &&, not ; here...

(We don't want to make a distclean of the main user tree, just because
they don't have the parent directory checked out).

Andrew Bartlett

12 years agor23895: reapply rev 23493:
Stefan Metzmacher [Mon, 16 Jul 2007 15:03:03 +0000 (15:03 +0000)]
r23895: reapply rev 23493:

regenerate lex.c files with flex 2.5.33
this makes sure we include config.h as first header

hopefully fixes the build on SerNet-aix

abartlet: please don't revert that again with your next
          heimdal merge...:-)


12 years agor23890: Allow wbinfo -a to work against Samba4's winbind.
Andrew Bartlett [Mon, 16 Jul 2007 11:27:29 +0000 (11:27 +0000)]
r23890: Allow wbinfo -a to work against Samba4's winbind.

Add a test for wbinfo -a to

Reimplement the server-side 'pam_auth' and 'pam_auth_crap' calls to
use the same SamLogon code as auth_winbind uses.

In my previous code, we did not bind to the LSA and SAMR pipes, before
attempting operations.  We now do this (how we passed any tests before
is beyond me).

This required some rework, particularly to make it easier to setup
secondary connections.  The new rpc_secondary_auth_connection()
function also performs the bind.

The dcerpc_connect.c file was getting to big, so things have been
merged into dcerpc_secondary.c.

Andrew Bartlett

12 years agor23881: A quick fix from to be more portable to non-GNU
Andrew Bartlett [Mon, 16 Jul 2007 01:48:07 +0000 (01:48 +0000)]
r23881: A quick fix from to be more portable to non-GNU
make in

Andrew Bartlett

12 years agor23880: Don't crash when we run wbinfo -a against our own winbind when we are a DC.
Andrew Bartlett [Sun, 15 Jul 2007 10:46:34 +0000 (10:46 +0000)]
r23880: Don't crash when we run wbinfo -a against our own winbind when we are a DC.

Next step is to make it work...

Andrew Bartlett

12 years agor23876: Prepare to run nsstest from make test, just not add it to yet.
Kai Blin [Sun, 15 Jul 2007 07:51:31 +0000 (07:51 +0000)]
r23876: Prepare to run nsstest from make test, just not add it to yet.

12 years agor23875: As pointed out by
Andrew Bartlett [Sat, 14 Jul 2007 00:12:25 +0000 (00:12 +0000)]
r23875: As pointed out by
On default Active Directory installations, the NETLOGON share isn't
an indipendent directory. In fact it's mapped to the subdirectory
"scripts" from the share SYSVOL under <Domain name>.

Andrew Bartlett

12 years agor23862: Explain who requested unknown dependency. Helps a lot in chasing dependency...
Alexander Bokovoy [Fri, 13 Jul 2007 10:02:44 +0000 (10:02 +0000)]
r23862: Explain who requested unknown dependency. Helps a lot in chasing dependency hell when trimming down s4 platform

12 years agor23860: export WINBINDD_SOCKET_DIR into the testenv
Stefan Metzmacher [Fri, 13 Jul 2007 08:38:51 +0000 (08:38 +0000)]
r23860: export WINBINDD_SOCKET_DIR into the testenv


12 years agor23859: Work to have Group Policy work 'out of the box' in Samba4.
Andrew Bartlett [Fri, 13 Jul 2007 08:01:36 +0000 (08:01 +0000)]
r23859: Work to have Group Policy work 'out of the box' in Samba4.

This involves creating the SYSVOL and NETLOGON shares at provision
time, and creating the right subdirectories.

This also changes the behaviour of lp.get("foo") in ejs - we now
return undefined, rather than syntax error, if the parameter doesn't
exist (perhaps because the share isn't defined).

Andrew Bartlett

12 years agor23853: Fix a very misleading error message in tdbbackup.
Michael Adam [Thu, 12 Jul 2007 13:41:34 +0000 (13:41 +0000)]
r23853: Fix a very misleading error message in tdbbackup.


12 years agor23852: Merge Samba 3.2's wbinfo into Samba4, so Kai can use it for testing.
Andrew Bartlett [Thu, 12 Jul 2007 10:16:59 +0000 (10:16 +0000)]
r23852: Merge Samba 3.2's wbinfo into Samba4, so Kai can use it for testing.

Andrew Bartlett

12 years agor23851: export _ABS versions of PREFIX and SRCDIR
Stefan Metzmacher [Thu, 12 Jul 2007 09:52:32 +0000 (09:52 +0000)]
r23851: export _ABS versions of PREFIX and SRCDIR


12 years agor23849: ldap_server: Provide more info in debug traces
Andrew Bartlett [Thu, 12 Jul 2007 06:15:47 +0000 (06:15 +0000)]
r23849: ldap_server:  Provide more info in debug traces

blackbox tests:  increase test coverage by running more options.

Andrew Bartlett

12 years agor23848: Thanks to derrell for pointing out that I had not finished my patch to
Andrew Bartlett [Thu, 12 Jul 2007 04:56:33 +0000 (04:56 +0000)]
r23848: Thanks to derrell for pointing out that I had not finished my patch to
split out the auth methods.

This caused all SWAT logins to fail, except when using local system

Andrew Bartlett

12 years agor23821: Extend the winreg test by a test for DeleteKey on a
Michael Adam [Tue, 10 Jul 2007 21:35:20 +0000 (21:35 +0000)]
r23821: Extend the winreg test by a test for DeleteKey on a
key that has subkeys. This should return WERR_ACCESS_DENIED.


12 years agor23816: A little more static, but leave the dead code testjoin.c as documentation.
Andrew Bartlett [Tue, 10 Jul 2007 13:41:00 +0000 (13:41 +0000)]
r23816: A little more static, but leave the dead code testjoin.c as documentation.

Andrew Bartlett

12 years agor23815: Thanks to Matthias Wallnoefer <> for pointing out
Andrew Bartlett [Tue, 10 Jul 2007 13:26:10 +0000 (13:26 +0000)]
r23815: Thanks to Matthias Wallnoefer <> for pointing out
that we had the wrong objectClass for OU=Domain
Controllers,${DOMAINDN} (was CN=Domain Controllers,${DOMAINDN})

This fixes both the SAMR server and the LDIF templates.

Andrew Bartlett

12 years agor23812: Remove more code found as dead by the find_static script, and make
Andrew Bartlett [Tue, 10 Jul 2007 11:56:01 +0000 (11:56 +0000)]
r23812: Remove more code found as dead by the find_static script, and make
other functions just static.

Andrew Bartlett

12 years agor23811: Try to ensure struct nbt_name is always pre-declared. Might fix the
Andrew Bartlett [Tue, 10 Jul 2007 11:54:49 +0000 (11:54 +0000)]
r23811: Try to ensure struct nbt_name is always pre-declared.  Might fix the
build on aico.

Andrew Bartlett

12 years agor23810: Make things static, and remove unsued code.
Andrew Bartlett [Tue, 10 Jul 2007 11:37:30 +0000 (11:37 +0000)]
r23810: Make things static, and remove unsued code.

This includes some of the original ildap ldap client API.  ldb
provides a much easier abstraction on this to use, and doesn't use
these functions.

Andrew Bartlett

12 years agor23809: Don't give users the fantasy that we can control choice of GENSEC
Andrew Bartlett [Tue, 10 Jul 2007 10:50:44 +0000 (10:50 +0000)]
r23809: Don't give users the fantasy that we can control choice of GENSEC
security mechanisms at the moment.  I'll put this back when I
implement the functionality.

Andrew Bartlett

12 years agor23807: added hex_encode_talloc()
Andrew Tridgell [Tue, 10 Jul 2007 08:07:42 +0000 (08:07 +0000)]
r23807: added hex_encode_talloc()

12 years agor23806: update Samba4 with the latest ctdb code.
Andrew Tridgell [Tue, 10 Jul 2007 08:06:51 +0000 (08:06 +0000)]
r23806: update Samba4 with the latest ctdb code.

This doesn't get the ctdb code fully working in Samba4, it just gets
it building and not breaking non-clustered use of Samba. It will take
a bit longer to update some of the calling ctdb_cluster.c code to make
it work correctly in Samba4.

Note also that Samba4 now only links to the client portion of
ctdb. For the moment I am leaving the ctdbd as a separate daemon,
which you install separately from

12 years agor23805: this directory is not used any more
Andrew Tridgell [Tue, 10 Jul 2007 08:06:42 +0000 (08:06 +0000)]
r23805: this directory is not used any more

12 years agor23802: fixed URL in XML
Andrew Tridgell [Tue, 10 Jul 2007 05:42:52 +0000 (05:42 +0000)]
r23802: fixed URL in XML

12 years agor23801: The FSF has moved around a lot. This fixes their Mass Ave address.
Andrew Tridgell [Tue, 10 Jul 2007 05:23:25 +0000 (05:23 +0000)]
r23801: The FSF has moved around a lot. This fixes their Mass Ave address.

12 years agor23800: LGPL is now called GNU Lesser General Public License
Andrew Tridgell [Tue, 10 Jul 2007 04:04:46 +0000 (04:04 +0000)]
r23800: LGPL is now called GNU Lesser General Public License
not GNU Library General Public License

12 years agor23799: updated old Franklin Street FSF addresses to new URL
Andrew Tridgell [Tue, 10 Jul 2007 03:52:17 +0000 (03:52 +0000)]
r23799: updated old Franklin Street FSF addresses to new URL

12 years agor23798: updated old Temple Place FSF addresses to new URL
Andrew Tridgell [Tue, 10 Jul 2007 03:42:26 +0000 (03:42 +0000)]
r23798: updated old Temple Place FSF addresses to new URL

12 years agor23797: started fixing old FSF addresses. Fixed pcap2nbench COPYING file
Andrew Tridgell [Tue, 10 Jul 2007 03:17:46 +0000 (03:17 +0000)]
r23797: started fixing old FSF addresses. Fixed pcap2nbench COPYING file

12 years agor23796: main COPYING file for samba4, plus some formatting varients
Andrew Tridgell [Tue, 10 Jul 2007 03:04:16 +0000 (03:04 +0000)]
r23796: main COPYING file for samba4, plus some formatting varients

12 years agor23795: more v2->v3 conversion
Andrew Tridgell [Tue, 10 Jul 2007 02:46:15 +0000 (02:46 +0000)]
r23795: more v2->v3 conversion

12 years agor23794: convert more code from LGPLv2+ to LGPLv3+
Andrew Tridgell [Tue, 10 Jul 2007 02:31:50 +0000 (02:31 +0000)]
r23794: convert more code from LGPLv2+ to LGPLv3+

12 years agor23792: convert Samba4 to GPLv3
Andrew Tridgell [Tue, 10 Jul 2007 02:07:03 +0000 (02:07 +0000)]
r23792: convert Samba4 to GPLv3

There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.

12 years agor23762: Fix DN renames over LDAP, and instrument the partition module. Add a
Andrew Bartlett [Mon, 9 Jul 2007 12:31:35 +0000 (12:31 +0000)]
r23762: Fix DN renames over LDAP, and instrument the partition module.  Add a
test to prove the behaviour of LDAP renames etc.

Fix LDB to return correct error code when failing to rename one DN
onto another.

Andrew Bartlett

12 years agor23754: Make sure to check the status return before we de-reference the
Andrew Bartlett [Mon, 9 Jul 2007 03:08:20 +0000 (03:08 +0000)]
r23754: Make sure to check the status return before we de-reference the
returned elements.

Andrew Bartlett

12 years agor23753: Fix bitrot afflicting the ldb Python swig bindings.
Tim Potter [Mon, 9 Jul 2007 01:49:49 +0000 (01:49 +0000)]
r23753: Fix bitrot afflicting the ldb Python swig bindings.

12 years agor23737: Validate that we object to duplicate values in an add or replace.
Andrew Bartlett [Sat, 7 Jul 2007 04:34:36 +0000 (04:34 +0000)]
r23737: Validate that we object to duplicate values in an add or replace.

We can't ever allow duplicates, even if the client sends them

Andrew Bartlett

12 years agor23734: Add a test to prove tridge's theory that the mask, once set
Jeremy Allison [Fri, 6 Jul 2007 19:45:01 +0000 (19:45 +0000)]
r23734: Add a test to prove tridge's theory that the mask, once set
on an open directory handle, is never changed. (He's right btw :-).

12 years agor23721: For unions, The TAG and the ARM are aligned independently.
Ronnie Sahlberg [Thu, 5 Jul 2007 07:19:14 +0000 (07:19 +0000)]
r23721: For unions, The TAG and the ARM are aligned independently.

Move emitting ALIGN_TO_x_BYTES to after the tag has been dissected so the
alignment only affects the ARM.

12 years agor23720: Allow the member server to work against an LDAP Backend. Another case
Andrew Bartlett [Thu, 5 Jul 2007 06:15:40 +0000 (06:15 +0000)]
r23720: Allow the member server to work against an LDAP Backend.  Another case
where LDB isn't as strict as OpenLDAP, the self join record contains
duplicate servicePrincipalNames once the DNS name and domain name are
made equal.  (Easier to just skip the useless self-join).

Andrew Bartlett

12 years agor23719: ejs being case sensitive, while LDAP is not is a real pain when
Andrew Bartlett [Thu, 5 Jul 2007 03:30:46 +0000 (03:30 +0000)]
r23719: ejs being case sensitive, while LDAP is not is a real pain when
dereferencing attributes.

Fix the case to match between the attributes searched for and the ejs
element.  (Fixes LDAP-backend selftest)

Andrew Bartlett

12 years agor23718: Make Samba4 work against the LDAP backend again.
Andrew Bartlett [Thu, 5 Jul 2007 03:06:59 +0000 (03:06 +0000)]
r23718: Make Samba4 work against the LDAP backend again.

When we set up the schema, we don't have a partitions container yet.
The LDAP error differs from that given by LDB, so I think we still
have some conformance work to do.

Andrew Bartlett

12 years agor23717: We need to remove the _ in LDAP_MANAGERPASS for the
Andrew Bartlett [Thu, 5 Jul 2007 02:52:58 +0000 (02:52 +0000)]
r23717: We need to remove the _ in LDAP_MANAGERPASS for the
--ldap-manager-pass= option to work.

Andrew Bartlett

12 years agor23716: Clarify LDAP Manager DN and fix slapd startup syntax.
Andrew Bartlett [Thu, 5 Jul 2007 01:45:37 +0000 (01:45 +0000)]
r23716: Clarify LDAP Manager DN and fix slapd startup syntax.

Andrew Bartlett

12 years agor23715: Make the provision-backend script print out the exact commands to run,
Andrew Bartlett [Thu, 5 Jul 2007 00:34:11 +0000 (00:34 +0000)]
r23715: Make the provision-backend script print out the exact commands to run,
to set up the LDAP backend.

Andrew Bartlett

12 years agor23703: Start to get Samba4 to again work with LDAP backends, after I turned
Andrew Bartlett [Wed, 4 Jul 2007 11:06:32 +0000 (11:06 +0000)]
r23703: Start to get Samba4 to again work with LDAP backends, after I turned
on metze's schema work.

Andrew Bartlett

12 years agor23702: fixed a "falling back to select" error in the standard process
Andrew Tridgell [Wed, 4 Jul 2007 07:45:41 +0000 (07:45 +0000)]
r23702: fixed a "falling back to select" error in the standard process
model. It's much cleaner to get the event system to close the fd,
especially with the complexity of forks

12 years agor23701: when we create a new socket with socket_accept(), clear any flags that
Andrew Tridgell [Wed, 4 Jul 2007 07:43:26 +0000 (07:43 +0000)]
r23701: when we create a new socket with socket_accept(), clear any flags that
were set in the old one. Otherwise SOCKET_FLAG_NOCLOSE causes a major
fd leak

12 years agor23700: pre-open the sam in the parent smbd. This has the effect of loading
Andrew Tridgell [Wed, 4 Jul 2007 05:16:19 +0000 (05:16 +0000)]
r23700: pre-open the sam in the parent smbd. This has the effect of loading
the schema. That stops us loading the schema for each new connection.

In future I would prefer to share a lot more of our ldb contexts with
children. That will require a larger piece of surgery.

12 years agor23699: when we create the global schema, remember to set the ldb opaque so we
Andrew Tridgell [Wed, 4 Jul 2007 05:15:06 +0000 (05:15 +0000)]
r23699: when we create the global schema, remember to set the ldb opaque so we
can find it again

12 years agor23698: fixed notify:backend so it actually works again
Andrew Tridgell [Wed, 4 Jul 2007 04:18:44 +0000 (04:18 +0000)]
r23698: fixed notify:backend so it actually works again

12 years agor23697: use the file perm options in the posix backend
Andrew Tridgell [Wed, 4 Jul 2007 04:16:16 +0000 (04:16 +0000)]
r23697: use the file perm options in the posix backend

12 years agor23696: added the create mask and related share permissions options to Samba4,
Andrew Tridgell [Wed, 4 Jul 2007 04:15:07 +0000 (04:15 +0000)]
r23696: added the create mask and related share permissions options to Samba4,
using the new share_int_option() code from Simo

speaking of which, this is the first time I've looked closely at the
share_classic.c code. It is absolutely and completely braindead and
broken. Whatever drugs Simo was on at the time, he better not try to
cross a border with them on him!

Problems with it:

 - if you actually set a value, it gets ignored, and the defvalue gets
   used instead ('ret' is never returned). If you don't set a value,
   then defvalue gets returned too. Sound useful?

 - it means we now have to list parameters in source/param/ in lots
   and lots of places, all of which have to match exactly. code like
   this is supposed to reduce the likelyhood of errors, not increase

 - code which has a long line of if() statements with strcmp() should
   cause your fingers to burn on the keyboard when you type it
   in. That's what structure lists are for. Strangely enough, we have
   all the info in loadparm.c in a structure list, but instead it gets
   replicated in share_classic.c in this strange if() strcmp() form

expect some changes to this code shortly. I'll need a calming cup of
tea first though :-)

12 years agor23695: By not using the NULL context for these large structures, we don't
Andrew Bartlett [Wed, 4 Jul 2007 03:25:44 +0000 (03:25 +0000)]
r23695: By not using the NULL context for these large structures, we don't
falsely report them as leaked.

Andrew Bartlett

12 years agor23693: Give the process a chance to write out it's coverage data, before we
Andrew Bartlett [Wed, 4 Jul 2007 00:34:16 +0000 (00:34 +0000)]
r23693: Give the process a chance to write out it's coverage data, before we
blast a kill -9 at it.

Andrew Bartlett

12 years agor23687: not every compiler supports __typeof__()
Stefan Metzmacher [Tue, 3 Jul 2007 16:27:35 +0000 (16:27 +0000)]
r23687: not every compiler supports __typeof__()


12 years agor23684: Only use the bzr and git information when there's
Stefan Metzmacher [Tue, 3 Jul 2007 14:44:27 +0000 (14:44 +0000)]
r23684: Only use the bzr and git information when there's
a .bzr or .git in the top branch directory

I use bzr for my home directory and
bzr version-info in ~/devel/samba/4.0/samba4-git
gives the info about the ~/.bzr branch


12 years agor23681: merge 23670 from SAMBA_3_0:
Stefan Metzmacher [Tue, 3 Jul 2007 08:22:24 +0000 (08:22 +0000)]
r23681: merge 23670 from SAMBA_3_0:


12 years agor23680: Make it easier to setup a domain member server - the 'server role'
Andrew Bartlett [Tue, 3 Jul 2007 08:05:55 +0000 (08:05 +0000)]
r23680: Make it easier to setup a domain member server - the 'server role'
will now control the auth methods, but an override is still available,

auth methods:domain controller = <methods>

Andrew Bartlett