kai/samba.git
9 years agos4-rodc: enable the DRS_GET_ALL_GROUP_MEMBERSHIP flag for RODC replication
Andrew Tridgell [Thu, 18 Nov 2010 07:48:42 +0000 (18:48 +1100)]
s4-rodc: enable the DRS_GET_ALL_GROUP_MEMBERSHIP flag for RODC replication

see the description of this flag in [MS-DRSR]

9 years agos4-join: initially disable the machine account
Andrew Tridgell [Thu, 18 Nov 2010 07:48:03 +0000 (18:48 +1100)]
s4-join: initially disable the machine account

enable after a password is set

9 years agos4-drs: fixed a typo
Andrew Tridgell [Thu, 18 Nov 2010 07:47:21 +0000 (18:47 +1100)]
s4-drs: fixed a typo

9 years agos4-wintest: remove files in var/ when reprovisioning
Andrew Tridgell [Thu, 18 Nov 2010 07:47:07 +0000 (18:47 +1100)]
s4-wintest: remove files in var/ when reprovisioning

9 years agos4-test: added --rebase and --clean options
Andrew Tridgell [Thu, 18 Nov 2010 04:27:45 +0000 (15:27 +1100)]
s4-test: added --rebase and --clean options

9 years agos4-test: use --fail-immediately for samba_dnsupdate testing
Andrew Tridgell [Thu, 18 Nov 2010 04:27:20 +0000 (15:27 +1100)]
s4-test: use --fail-immediately for samba_dnsupdate testing

9 years agos4-spnupdate: only enable NDR print at log level above 5
Andrew Tridgell [Thu, 18 Nov 2010 04:26:48 +0000 (15:26 +1100)]
s4-spnupdate: only enable NDR print at log level above 5

9 years agos4-dns: added support for --fail-immediately for RODC netlogon dns updates
Andrew Tridgell [Thu, 18 Nov 2010 03:53:20 +0000 (14:53 +1100)]
s4-dns: added support for --fail-immediately for RODC netlogon dns updates

9 years agos4-ldb.python: Use $SELFTEST_PREFIX/tmp as a temporary directory for testing
Kamen Mazdrashki [Thu, 18 Nov 2010 19:42:26 +0000 (21:42 +0200)]
s4-ldb.python: Use $SELFTEST_PREFIX/tmp as a temporary directory for testing

This way we won't flood /tmp directory with temp files

Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Thu Nov 18 23:11:18 CET 2010 on sn-devel-104

9 years agos4-ldb.python: add test for ldb.Message.from_dict() method
Kamen Mazdrashki [Thu, 18 Nov 2010 15:46:33 +0000 (17:46 +0200)]
s4-ldb.python: add test for ldb.Message.from_dict() method

9 years agos4-pyldb: ldb.Message.from_dict class method to create LdbMessage object from dictionary
Kamen Mazdrashki [Thu, 18 Nov 2010 20:11:30 +0000 (22:11 +0200)]
s4-pyldb: ldb.Message.from_dict class method to create LdbMessage object from dictionary

9 years agos4-pyldb: Move code to create a ldb_message from a Python Dictionary object into...
Kamen Mazdrashki [Thu, 18 Nov 2010 20:09:01 +0000 (22:09 +0200)]
s4-pyldb: Move code to create a ldb_message from a Python Dictionary object into a separate function

9 years agos4-samdb.py: Use ldb.get_default_basedn() to avoid RootDSE search
Kamen Mazdrashki [Mon, 15 Nov 2010 05:41:59 +0000 (07:41 +0200)]
s4-samdb.py: Use ldb.get_default_basedn() to avoid RootDSE search

9 years agos4-pyldb_util: Move ldb Type searching into separate function
Kamen Mazdrashki [Mon, 15 Nov 2010 05:41:50 +0000 (07:41 +0200)]
s4-pyldb_util: Move ldb Type searching into separate function

9 years agos4-pyldb: Few miss-alignments aligned
Kamen Mazdrashki [Mon, 15 Nov 2010 03:30:54 +0000 (05:30 +0200)]
s4-pyldb: Few miss-alignments aligned

9 years agos4-pyldb: Move PyLdbMessage_FromMessage() in PyMessage group of functions
Kamen Mazdrashki [Mon, 15 Nov 2010 02:53:05 +0000 (04:53 +0200)]
s4-pyldb: Move PyLdbMessage_FromMessage() in PyMessage group of functions

9 years agos4-pyldb: Fix wrong type of 'self' parameter
Kamen Mazdrashki [Mon, 15 Nov 2010 02:20:31 +0000 (04:20 +0200)]
s4-pyldb: Fix wrong type of 'self' parameter

9 years agos4-tests: Modified descriptor tests to use pyldb api to retrieve configuration and...
Nadezhda Ivanova [Thu, 18 Nov 2010 18:44:22 +0000 (20:44 +0200)]
s4-tests: Modified descriptor tests to use pyldb api to retrieve configuration and schema dn.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Thu Nov 18 22:25:07 CET 2010 on sn-devel-104

9 years agos4-tests: Modified acl tests to use pyldb api to retrieve configuration dn.
Nadezhda Ivanova [Thu, 18 Nov 2010 18:43:16 +0000 (20:43 +0200)]
s4-tests: Modified acl tests to use pyldb api to retrieve configuration dn.

9 years agoMake 'net rpc printer driver' behave the same as rpcclient enumdrivers
Joerg Pulz [Thu, 18 Nov 2010 19:47:23 +0000 (11:47 -0800)]
Make 'net rpc printer driver' behave the same as rpcclient enumdrivers
when dealing with unsupported architectures.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Nov 18 21:40:40 CET 2010 on sn-devel-104

9 years agos4-tests: Changed descriptor tests to use existing method in samdb for adding users...
Nadezhda Ivanova [Thu, 18 Nov 2010 17:13:41 +0000 (19:13 +0200)]
s4-tests: Changed descriptor tests to use existing method in samdb for adding users to a group.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Thu Nov 18 18:30:55 UTC 2010 on sn-devel-104

9 years agos4-tests: Changed acl tests to use existing method in samdb for adding users to a...
Nadezhda Ivanova [Thu, 18 Nov 2010 17:12:36 +0000 (19:12 +0200)]
s4-tests: Changed acl tests to use existing method in samdb for adding users to a group.

9 years agoRevert "s4:api.py - DN tests - test a bit more special DNs and merge the comparison...
Matthias Dieter Wallnöfer [Thu, 18 Nov 2010 15:37:10 +0000 (16:37 +0100)]
Revert "s4:api.py - DN tests - test a bit more special DNs and merge the comparison tests"

This reverts commit 732ef9353dff56384e8bb01aa20d2a371cd995c2.
Jelmer doesn't like to have these tests there.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Nov 18 17:46:38 UTC 2010 on sn-devel-104

9 years agos4:dsdb python tests - use "ldb.domain_dn"
Matthias Dieter Wallnöfer [Thu, 18 Nov 2010 15:06:46 +0000 (16:06 +0100)]
s4:dsdb python tests - use "ldb.domain_dn"

By inspiration of Nadya's patches

9 years agos4/operational: Fix swapped parameters for ldb_msg_copy_attr
Anatoliy Atanasov [Thu, 18 Nov 2010 14:51:22 +0000 (16:51 +0200)]
s4/operational: Fix swapped parameters for ldb_msg_copy_attr

Autobuild-User: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
Autobuild-Date: Thu Nov 18 17:02:07 UTC 2010 on sn-devel-104

9 years agos4/ldap: ldap_syntaxes.py cleanup
Anatoliy Atanasov [Thu, 18 Nov 2010 15:11:55 +0000 (17:11 +0200)]
s4/ldap: ldap_syntaxes.py cleanup

Autobuild-User: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
Autobuild-Date: Thu Nov 18 16:16:27 UTC 2010 on sn-devel-104

9 years agos3: Call sid_check_is_domain instead of dom_sid_equal
Volker Lendecke [Thu, 18 Nov 2010 14:20:38 +0000 (15:20 +0100)]
s3: Call sid_check_is_domain instead of dom_sid_equal

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Nov 18 15:32:32 UTC 2010 on sn-devel-104

9 years agos3: Make winbind recover from a signing error
Volker Lendecke [Thu, 18 Nov 2010 12:28:47 +0000 (13:28 +0100)]
s3: Make winbind recover from a signing error

When winbind sees a signing error on the smb connection to a DC (for whatever
reason, our bug, network glitch, etc) it should recover properly. The "old"
code in clientgen.c just closed the socket in this case. This is the right
thing to do, this connection is spoiled anyway. The new, async code did not do
this so far, which led to the code in winbindd_cm.c not detect that we need to
reconnect.

9 years agos3/vfs_tsmsm: remove unneeded cast to off_t
Björn Jacke [Wed, 17 Nov 2010 16:52:06 +0000 (17:52 +0100)]
s3/vfs_tsmsm: remove unneeded cast to off_t

"off_t" is wrong on 32 bit systems anyhow ...

Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Thu Nov 18 14:47:59 UTC 2010 on sn-devel-104

9 years agos3/vfs_tsmsm: fix debug output for large files
Björn Jacke [Wed, 17 Nov 2010 16:45:01 +0000 (17:45 +0100)]
s3/vfs_tsmsm: fix debug output for large files

9 years agoldb: error out when modules are not found
Simo Sorce [Thu, 18 Nov 2010 13:01:15 +0000 (08:01 -0500)]
ldb: error out when modules are not found

We shouldn't proceed without all required modules, it could cause damage to the
ldb if operations are performed w/o the needed modules.

Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Nov 18 14:02:34 UTC 2010 on sn-devel-104

9 years agos4-tests: Descriptor tests should use the existing samdb domain_dn method instead...
Nadezhda Ivanova [Thu, 18 Nov 2010 11:17:00 +0000 (13:17 +0200)]
s4-tests: Descriptor tests should use the existing samdb domain_dn method instead of defining a new one

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Thu Nov 18 12:52:48 UTC 2010 on sn-devel-104

9 years agos4-tests: Acl tests should use the existing samdb domain_dn method instead of definin...
Nadezhda Ivanova [Thu, 18 Nov 2010 11:13:35 +0000 (13:13 +0200)]
s4-tests: Acl tests should use the existing samdb domain_dn method instead of defining a new one

9 years agoldb:skel.c - don't introduce trailing whitespaces by a module template
Matthias Dieter Wallnöfer [Thu, 18 Nov 2010 11:20:56 +0000 (12:20 +0100)]
ldb:skel.c - don't introduce trailing whitespaces by a module template

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Nov 18 12:08:30 UTC 2010 on sn-devel-104

9 years agos4:password_hash LDB module - remove unused headers
Matthias Dieter Wallnöfer [Thu, 18 Nov 2010 11:20:10 +0000 (12:20 +0100)]
s4:password_hash LDB module - remove unused headers

9 years agos4:repl_meta_data LDB module - allow also special DNs to be renamed correctly
Matthias Dieter Wallnöfer [Thu, 18 Nov 2010 09:44:52 +0000 (10:44 +0100)]
s4:repl_meta_data LDB module - allow also special DNs to be renamed correctly

Do always escape RDN values - this fixes bug #7794

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Nov 18 10:43:40 UTC 2010 on sn-devel-104

9 years agos4:api.py - DN tests - test a bit more special DNs and merge the comparison tests
Matthias Dieter Wallnöfer [Thu, 18 Nov 2010 08:22:07 +0000 (09:22 +0100)]
s4:api.py - DN tests - test a bit more special DNs and merge the comparison tests

9 years agoldb:ldb_dn_explode - point out that on error cases "data" is implicitly free'd
Matthias Dieter Wallnöfer [Thu, 18 Nov 2010 07:57:00 +0000 (08:57 +0100)]
ldb:ldb_dn_explode - point out that on error cases "data" is implicitly free'd

9 years agos4-test: added greater control over tests to run
Andrew Tridgell [Thu, 18 Nov 2010 03:43:53 +0000 (14:43 +1100)]
s4-test: added greater control over tests to run

now supports --list to list tests, and --skip to skip the named tests

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Nov 18 04:29:24 UTC 2010 on sn-devel-104

9 years agos4-test: rename scripting/devel/howto to scripting/devel/wintest
Andrew Tridgell [Wed, 17 Nov 2010 23:57:28 +0000 (10:57 +1100)]
s4-test: rename scripting/devel/howto to scripting/devel/wintest

this won't just be for the howto anymore

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Nov 18 00:45:18 UTC 2010 on sn-devel-104

9 years agos4-wintest: added wintest.py library
Andrew Tridgell [Wed, 17 Nov 2010 23:56:05 +0000 (10:56 +1100)]
s4-wintest: added wintest.py library

converted test-howto.py to use the wintest library.

The idea is for us to create other tests that test lots of different
interactions with windows

9 years agos3: Fix a missing return value
Volker Lendecke [Wed, 17 Nov 2010 19:54:41 +0000 (20:54 +0100)]
s3: Fix a missing return value

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Nov 17 20:40:18 UTC 2010 on sn-devel-104

9 years agos3-spoolss: make sure members of "BUILTIN\Print Operators" can open printers
Günther Deschner [Mon, 15 Nov 2010 11:22:52 +0000 (12:22 +0100)]
s3-spoolss: make sure members of "BUILTIN\Print Operators" can open printers
with admin privileges.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Nov 17 15:05:02 UTC 2010 on sn-devel-104

9 years agos3-spoolss: add debug statement for access denied cases in OpenPrinterEx path.
Günther Deschner [Mon, 15 Nov 2010 10:19:23 +0000 (11:19 +0100)]
s3-spoolss: add debug statement for access denied cases in OpenPrinterEx path.

Guenther

9 years agos3-rpcclient: exit early in cmd_spoolss_enum_data() when there is a failure.
Günther Deschner [Thu, 11 Nov 2010 12:26:10 +0000 (13:26 +0100)]
s3-rpcclient: exit early in cmd_spoolss_enum_data() when there is a failure.

Guenther

9 years agos4-repl: removed the syncall_workaround code
Andrew Tridgell [Wed, 17 Nov 2010 12:48:23 +0000 (23:48 +1100)]
s4-repl: removed the syncall_workaround code

this isn't needed any more

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Nov 17 13:41:51 UTC 2010 on sn-devel-104

9 years agos4-repl: save the result of the last replication in repsFrom/repsTo
Andrew Tridgell [Wed, 17 Nov 2010 12:13:32 +0000 (23:13 +1100)]
s4-repl: save the result of the last replication in repsFrom/repsTo

when a replication fails, we should add the failure to repsFrom
when a notify fails, we need to save it to repsTo

this ensures showrepl always shows the latest status

9 years agos4-repl: ensure we don't starve pending replication ops
Andrew Tridgell [Wed, 17 Nov 2010 12:12:10 +0000 (23:12 +1100)]
s4-repl: ensure we don't starve pending replication ops

when there was a continuous sequence of notify ops, we could leave the
replication ops starving. This ensures we run whichever was queued
first

9 years agos4-kcc: fixed result_last_attempt in showrepl
Andrew Tridgell [Wed, 17 Nov 2010 12:11:12 +0000 (23:11 +1100)]
s4-kcc: fixed result_last_attempt in showrepl

9 years agos4-doserr: telling our users to "see Windows help" doesn't seem right
Andrew Tridgell [Wed, 17 Nov 2010 12:10:48 +0000 (23:10 +1100)]
s4-doserr: telling our users to "see Windows help" doesn't seem right

9 years agos4-provision: don't test for xattrs if posix:eadb is set
Andrew Tridgell [Wed, 17 Nov 2010 10:50:06 +0000 (21:50 +1100)]
s4-provision: don't test for xattrs if posix:eadb is set

when it is set in smb.conf or on the command line, obey the setting
and don't try to test for system xattr support

9 years agos4-provision: setup posix:eadb using lp.set()
Andrew Tridgell [Wed, 17 Nov 2010 10:49:19 +0000 (21:49 +1100)]
s4-provision: setup posix:eadb using lp.set()

this allows it to override a setting made during the automatic testing
of xattr support

9 years agodeveloper: only do the C++ reserved name checking on Linux
Andrew Tridgell [Wed, 17 Nov 2010 09:36:37 +0000 (20:36 +1100)]
developer: only do the C++ reserved name checking on Linux

this prevents us breaking the solaris build, but will still mean we
prevent C++ vars in our code

9 years agos4-provision: don't try to autodetect xattr is posix:eadb is set
Andrew Tridgell [Wed, 17 Nov 2010 09:15:42 +0000 (20:15 +1100)]
s4-provision: don't try to autodetect xattr is posix:eadb is set

when posix:eadb is set then we know we should be using an eadb

9 years agos4-heimdal: ask for non-atomic heimdal
Andrew Tridgell [Tue, 16 Nov 2010 03:54:09 +0000 (22:54 -0500)]
s4-heimdal: ask for non-atomic heimdal

this allows us to build with compilers other than gcc

9 years agoheimdal: added HEIM_BASE_NON_ATOMIC option
Andrew Tridgell [Tue, 16 Nov 2010 03:53:13 +0000 (22:53 -0500)]
heimdal: added HEIM_BASE_NON_ATOMIC option

This allows heimdal to build without gcc, by not using atomic
operations. We don't need heimdal to be atomic in Samba.

9 years agos4-test: updates to test-howto.py
Andrew Tridgell [Wed, 17 Nov 2010 07:29:04 +0000 (18:29 +1100)]
s4-test: updates to test-howto.py

- handle clock skew using "net time" on windows after we open the
  telnet connection
- allow checking for result lists in order
- replicate all partitions after vampiring so we don't need
  to wait for periodic replication
- use a krb5 ccache in the prefix for kinit based tests

The complete test suite now passes on my system, taking just over 13
minutes to complete

9 years agos4-heimdal: implement KERB_AP_ERR_TYPE_SKEW_RECOVERY
Andrew Tridgell [Wed, 17 Nov 2010 06:33:31 +0000 (17:33 +1100)]
s4-heimdal: implement KERB_AP_ERR_TYPE_SKEW_RECOVERY

this e_data field in a kerberos error packet tells windows to do clock
skew recovery.

See [MS-KILE] 2.2.1 KERB-ERROR-DATA

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-gensec: zero the gssapi_state
Andrew Tridgell [Wed, 17 Nov 2010 06:09:24 +0000 (17:09 +1100)]
s4-gensec: zero the gssapi_state

this fixes a use of the target_principal before initialisation

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-provision: use the command line lp in provision
Andrew Tridgell [Wed, 17 Nov 2010 01:54:41 +0000 (12:54 +1100)]
s4-provision: use the command line lp in provision

this ensures that provision options are stored in the generated
smb.conf

9 years agos4-provision: add log messages about IP lookup
Andrew Tridgell [Wed, 17 Nov 2010 01:54:13 +0000 (12:54 +1100)]
s4-provision: add log messages about IP lookup

the IPv6 lookup can be very slow if a DNS server in the search list is
unavailable. It's good to let the user know what its doing.

9 years agos4-dns: catch more expections in samba_dnsupdate
Andrew Tridgell [Wed, 17 Nov 2010 01:33:02 +0000 (12:33 +1100)]
s4-dns: catch more expections in samba_dnsupdate

9 years agos3: Remove a reference to "winbindd_cli_state" from append_auth_data
Volker Lendecke [Tue, 16 Nov 2010 16:58:10 +0000 (17:58 +0100)]
s3: Remove a reference to "winbindd_cli_state" from append_auth_data

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Nov 17 12:02:34 UTC 2010 on sn-devel-104

9 years agos3: Remove a reference to "winbindd_cli_state" from append_info3_as_txt
Volker Lendecke [Tue, 16 Nov 2010 16:56:21 +0000 (17:56 +0100)]
s3: Remove a reference to "winbindd_cli_state" from append_info3_as_txt

9 years agos3: Remove a reference to "winbindd_cli_state" from append_afs_token
Volker Lendecke [Tue, 16 Nov 2010 16:52:31 +0000 (17:52 +0100)]
s3: Remove a reference to "winbindd_cli_state" from append_afs_token

9 years agos3: Remove a reference to "winbindd_cli_state" from append_info3_as_ndr
Volker Lendecke [Tue, 16 Nov 2010 16:50:16 +0000 (17:50 +0100)]
s3: Remove a reference to "winbindd_cli_state" from append_info3_as_ndr

9 years agos3: Remove a reference to "winbindd_cli_state" from append_unix_username
Volker Lendecke [Tue, 16 Nov 2010 16:44:08 +0000 (17:44 +0100)]
s3: Remove a reference to "winbindd_cli_state" from append_unix_username

9 years agos3: Remove a reference to "winbindd_cli_state" from append_auth_data
Volker Lendecke [Tue, 16 Nov 2010 16:07:33 +0000 (17:07 +0100)]
s3: Remove a reference to "winbindd_cli_state" from append_auth_data

9 years ago"bool ? true : false" is a bit pointless
Volker Lendecke [Tue, 16 Nov 2010 15:22:32 +0000 (16:22 +0100)]
"bool ? true : false" is a bit pointless

9 years agos3: Move parse_sidlist to the only calling file
Volker Lendecke [Tue, 16 Nov 2010 15:11:14 +0000 (16:11 +0100)]
s3: Move parse_sidlist to the only calling file

9 years agos3: Remove some unused code
Volker Lendecke [Tue, 16 Nov 2010 15:09:04 +0000 (16:09 +0100)]
s3: Remove some unused code

9 years agoldb:ldb_dn.c - ldb_dn_explode - free also the extended components on error cases
Matthias Dieter Wallnöfer [Wed, 17 Nov 2010 07:58:21 +0000 (08:58 +0100)]
ldb:ldb_dn.c - ldb_dn_explode - free also the extended components on error cases

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Nov 17 08:45:53 UTC 2010 on sn-devel-104

9 years agotevent: Fix docstring, tevent_req_is_in_progress does not destroy private data
Kai Blin [Wed, 17 Nov 2010 06:07:08 +0000 (07:07 +0100)]
tevent: Fix docstring, tevent_req_is_in_progress does not destroy private data

Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Wed Nov 17 07:23:51 UTC 2010 on sn-devel-104

9 years agos4-test: added testing of w2k3 DC join to test-howto.py
Andrew Tridgell [Wed, 17 Nov 2010 00:29:50 +0000 (11:29 +1100)]
s4-test: added testing of w2k3 DC join to test-howto.py

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Nov 17 01:16:19 UTC 2010 on sn-devel-104

9 years agos4-join: fixed join to w2k3
Andrew Tridgell [Wed, 17 Nov 2010 00:10:45 +0000 (11:10 +1100)]
s4-join: fixed join to w2k3

w2k3 does need msDS-Behavior-Version

9 years agos4-join: show a reasonable error on DsAddEntry() failing
Andrew Tridgell [Wed, 17 Nov 2010 00:09:59 +0000 (11:09 +1100)]
s4-join: show a reasonable error on DsAddEntry() failing

DsAddEntry() gives errors in a reply container

9 years agos4-join: enable NDR printing at debug levels >= 5
Andrew Tridgell [Wed, 17 Nov 2010 00:08:59 +0000 (11:08 +1100)]
s4-join: enable NDR printing at debug levels >= 5

this is handy for debugging joins

9 years agos4-loadparm: set debuglevel and logfile in tables
Andrew Tridgell [Wed, 17 Nov 2010 00:07:12 +0000 (11:07 +1100)]
s4-loadparm: set debuglevel and logfile in tables

this allows the debug level and logfile to be queried from python
using lp.get(). Otheriwse they are set only in the globals, and not in
the tables.

9 years agos4-loadparm: fixed a memory leak in handle_realm()
Andrew Tridgell [Wed, 17 Nov 2010 00:06:33 +0000 (11:06 +1100)]
s4-loadparm: fixed a memory leak in handle_realm()

we need to free the lowercase and uppercase varients

9 years agos4-kdc Rework supported encryption type logic to match Microsoft
Andrew Bartlett [Tue, 16 Nov 2010 10:01:22 +0000 (21:01 +1100)]
s4-kdc Rework supported encryption type logic to match Microsoft

Thanks to Hongwei Sun for the clear description of the algorithim
involved.  Importantly, it isn't possible to remove encryption types
from the list, only to add them over the defaults (DES and
arcfour-hmac-md5, and additional AES for DCs and RODCs).

This changes the behaviour for entries with
msDS-supportedEncryptionTypes: 0, which Angelos Oikonomopoulos
reported finding set by ADUC when attempting to store cleartext
passwords.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Nov 16 21:24:43 UTC 2010 on sn-devel-104

9 years agos4:acl LDB module - use also here "dsdb_find_nc_root" to implement the NC-specific...
Matthias Dieter Wallnöfer [Tue, 16 Nov 2010 13:22:27 +0000 (14:22 +0100)]
s4:acl LDB module - use also here "dsdb_find_nc_root" to implement the NC-specific checks

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Nov 16 15:12:13 UTC 2010 on sn-devel-104

9 years agos4:descriptor LDB module - also "get_default_ag" should make use of "dsdb_find_nc_root"
Matthias Dieter Wallnöfer [Tue, 16 Nov 2010 12:17:32 +0000 (13:17 +0100)]
s4:descriptor LDB module - also "get_default_ag" should make use of "dsdb_find_nc_root"

9 years agos4:descriptor LDB module - handle the NCs in a more generic way by using "dsdb_find_n...
Matthias Dieter Wallnöfer [Tue, 16 Nov 2010 12:12:02 +0000 (13:12 +0100)]
s4:descriptor LDB module - handle the NCs in a more generic way by using "dsdb_find_nc_root"

9 years agos4:"dsdb_find_nc_root" - let it work also when the "namingContexts" attribute isn...
Matthias Dieter Wallnöfer [Tue, 16 Nov 2010 14:20:04 +0000 (15:20 +0100)]
s4:"dsdb_find_nc_root" - let it work also when the "namingContexts" attribute isn't available yet

This is needed on provisioning when the modules aren't set up yet.

9 years agos4:descriptor LDB module - make more clear that special control entries never should...
Matthias Dieter Wallnöfer [Tue, 16 Nov 2010 12:25:34 +0000 (13:25 +0100)]
s4:descriptor LDB module - make more clear that special control entries never should be handled by modules

9 years agos4:objectclass LDB module - the "olddn" is the special DN for rename requests
Matthias Dieter Wallnöfer [Tue, 16 Nov 2010 12:22:05 +0000 (13:22 +0100)]
s4:objectclass LDB module - the "olddn" is the special DN for rename requests

9 years agos4-schema_load: Don't clean in_transaction flag until transaction is really finished
Kamen Mazdrashki [Thu, 11 Nov 2010 21:25:35 +0000 (23:25 +0200)]
s4-schema_load: Don't clean in_transaction flag until transaction is really finished

Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Tue Nov 16 11:00:35 UTC 2010 on sn-devel-104

9 years agos4:subtree_rename LDB module - make use of "dsdb_find_nc_root"
Matthias Dieter Wallnöfer [Tue, 16 Nov 2010 07:34:52 +0000 (08:34 +0100)]
s4:subtree_rename LDB module - make use of "dsdb_find_nc_root"

This is exactly what's needed there.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Nov 16 08:42:07 UTC 2010 on sn-devel-104

9 years agos4:objectclass LDB module - free "nc_root" after name context comparisons
Matthias Dieter Wallnöfer [Tue, 16 Nov 2010 07:34:27 +0000 (08:34 +0100)]
s4:objectclass LDB module - free "nc_root" after name context comparisons

9 years agos4-test: fixes for test-howto.py
Andrew Tridgell [Tue, 16 Nov 2010 07:14:11 +0000 (18:14 +1100)]
s4-test: fixes for test-howto.py

this fixes some timing issues, plus ensures we test both with and
without kerberos

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Tue Nov 16 07:58:55 UTC 2010 on sn-devel-104

9 years agos4-spoolss: fixed warning in call to torture_warning()
Andrew Tridgell [Tue, 16 Nov 2010 04:14:43 +0000 (15:14 +1100)]
s4-spoolss: fixed warning in call to torture_warning()

9 years agos4-eventlog: fixed dcerpc handle return
Andrew Tridgell [Tue, 16 Nov 2010 04:14:18 +0000 (15:14 +1100)]
s4-eventlog: fixed dcerpc handle return

9 years agosamba-tool Add test for --store-plaintext
Andrew Bartlett [Tue, 16 Nov 2010 05:43:05 +0000 (16:43 +1100)]
samba-tool Add test for --store-plaintext

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Nov 16 06:29:04 UTC 2010 on sn-devel-104

9 years agoUpdate dcerpc_server.pc library name to match reality.
Brad Hards [Tue, 16 Nov 2010 05:42:50 +0000 (16:42 +1100)]
Update dcerpc_server.pc library name to match reality.

9 years agosamba-tool pwsettings Allow setting 'store cleartext'
Andrew Bartlett [Tue, 16 Nov 2010 05:32:55 +0000 (16:32 +1100)]
samba-tool pwsettings Allow setting 'store cleartext'

This allows the 'store cleartext' password policy flag to be (un)set.

Andrew Bartlett

9 years agos4-ldif_handlers Add handler for printing supplementalCredentials
Andrew Bartlett [Tue, 16 Nov 2010 05:32:27 +0000 (16:32 +1100)]
s4-ldif_handlers Add handler for printing supplementalCredentials

9 years agos4-test_kinit Add tests for lowercase realm combinations
Andrew Bartlett [Tue, 16 Nov 2010 05:01:19 +0000 (16:01 +1100)]
s4-test_kinit Add tests for lowercase realm combinations

This tests that the handling of lowercase realms works in our KDC and
libraries.

Andrew Bartlett

9 years agoheimdal Build ticket with the canonical server name
Andrew Bartlett [Tue, 16 Nov 2010 04:05:33 +0000 (15:05 +1100)]
heimdal Build ticket with the canonical server name

We need to use the name that the HDB entry returned, otherwise we
will not canonicalise the reply as requested.

Andrew Bartlett

9 years agos4-kdc Fix the realm handling again, this time pay attention to the flags
Andrew Bartlett [Tue, 16 Nov 2010 03:16:31 +0000 (14:16 +1100)]
s4-kdc Fix the realm handling again, this time pay attention to the flags

The KDC sets different flags for the AS-REQ (this is client-depenent)
and the TGS-REQ to determine if the realm should be forced to the
canonical value.  If we do this always, or do this never, we get into
trouble, so it's much better to honour the flags we are given.

Andrew Bartlett

9 years agos4-kdc use 'flags' to only create the 'admin data' elements when requested
Andrew Bartlett [Tue, 16 Nov 2010 03:12:17 +0000 (14:12 +1100)]
s4-kdc use 'flags' to only create the 'admin data' elements when requested

This avoids setting these values when the caller simply does not care

Andrew Bartlett