kai/samba.git
9 years agoheimdal: fixed a shadowed variable warning for error_message
Andrew Tridgell [Mon, 8 Nov 2010 21:51:20 +0000 (08:51 +1100)]
heimdal: fixed a shadowed variable warning for error_message

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-attid: Uppercase ATTID type constants
Kamen Mazdrashki [Mon, 8 Nov 2010 14:27:22 +0000 (16:27 +0200)]
s4-attid: Uppercase ATTID type constants

Thanks Metze for noting this!

Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Mon Nov  8 23:06:41 UTC 2010 on sn-devel-104

9 years agos4-test: Initial implementation for Schema replication black box test
Kamen Mazdrashki [Sun, 7 Nov 2010 02:41:50 +0000 (04:41 +0200)]
s4-test: Initial implementation for Schema replication black box test

9 years agoSecond part of fix for bug #7777 - When requesting lookups for BUILTIN sids, winbindd...
Jeremy Allison [Mon, 8 Nov 2010 21:41:34 +0000 (13:41 -0800)]
Second part of fix for bug #7777 - When requesting lookups for BUILTIN sids, winbindd allocates new uids/gids in error.

Ensure we return after calling passdb for SID lookups for which we are
authoritative.

Jeremy.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Nov  8 22:24:34 UTC 2010 on sn-devel-104

9 years agoEnsure we always have a mapped group for "Domain Users".
Jeremy Allison [Mon, 8 Nov 2010 21:39:51 +0000 (13:39 -0800)]
Ensure we always have a mapped group for "Domain Users".
Needed for DC tests to pass with bugfix for bug #7777.

Jeremy.

9 years agoFirst part of fix for bug #7777 - When requesting lookups for BUILTIN sids, winbindd...
Jeremy Allison [Mon, 8 Nov 2010 21:38:13 +0000 (13:38 -0800)]
First part of fix for bug #7777 - When requesting lookups for BUILTIN sids, winbindd allocates new uids/gids in error.

Ensure idmap_init_passdb_domain() correctly initialized the default
domain first.

Jeremy.

9 years agos3/configure: fix typo and warning
Björn Jacke [Mon, 8 Nov 2010 20:14:44 +0000 (21:14 +0100)]
s3/configure: fix typo and warning

Autobuild-User: Björn Jacke <bjacke@samba.org>
Autobuild-Date: Mon Nov  8 20:58:20 UTC 2010 on sn-devel-104

9 years agos4:password_hash LDB module - introduce a "userPassword" flag which enables/disables...
Matthias Dieter Wallnöfer [Mon, 8 Nov 2010 14:42:29 +0000 (15:42 +0100)]
s4:password_hash LDB module - introduce a "userPassword" flag which enables/disables the two "userPassword" behaviours

- Enabled: "userPassword" password change behaviour (will later be linked to the
  "dSHeuristics")
- Disabled: "userPassword" plain attribute behaviour (default)

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Nov  8 15:28:06 UTC 2010 on sn-devel-104

9 years agos4:pyldb.c - fix "py_ldb_contains" according to the comment by Jelmer
Matthias Dieter Wallnöfer [Mon, 8 Nov 2010 14:24:41 +0000 (15:24 +0100)]
s4:pyldb.c - fix "py_ldb_contains" according to the comment by Jelmer

9 years agos3-waf: add idmap_autorid to the build.
Günther Deschner [Mon, 8 Nov 2010 13:34:51 +0000 (14:34 +0100)]
s3-waf: add idmap_autorid to the build.

Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Nov  8 14:17:27 UTC 2010 on sn-devel-104

9 years agos3: Fix an uninitialized variable
Volker Lendecke [Mon, 8 Nov 2010 11:59:59 +0000 (12:59 +0100)]
s3: Fix an uninitialized variable

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Nov  8 13:22:06 UTC 2010 on sn-devel-104

9 years agos3: Build idmap_autorid by default
Volker Lendecke [Mon, 8 Nov 2010 11:54:49 +0000 (12:54 +0100)]
s3: Build idmap_autorid by default

9 years agos3:idmap: add a new ID mapping module autorid
Christian Ambach [Wed, 7 Jul 2010 10:35:36 +0000 (12:35 +0200)]
s3:idmap: add a new ID mapping module autorid

This is an initial implementation of the idmap_autorid module.
It works similar to the idmap_rid module but requires less
configuration. It will automatically pick ranges for each domain,
so you do not have to bother any more about adding an idmap
configuration for all of the domains in the forest.

This is very easy to use and to configure and much more
deterministic and faster than idmap_tdb, the typical choice
of Samba users up to now.

9 years agos3:winbind add wcache_tdc_fetch_domainbysid
Christian Ambach [Fri, 29 Oct 2010 13:53:20 +0000 (15:53 +0200)]
s3:winbind add wcache_tdc_fetch_domainbysid

add a function to lookup a domain in the winbind cache by domain SID

9 years agos3: Put some parentheses around conditionals
Volker Lendecke [Mon, 8 Nov 2010 10:55:07 +0000 (11:55 +0100)]
s3: Put some parentheses around conditionals

9 years agos3: Consistently use stdbool types in new code
Volker Lendecke [Mon, 8 Nov 2010 10:50:51 +0000 (11:50 +0100)]
s3: Consistently use stdbool types in new code

9 years agos3:winbind add timeouts to winbind cache
Christian Ambach [Thu, 4 Nov 2010 16:10:25 +0000 (17:10 +0100)]
s3:winbind add timeouts to winbind cache

This adds a timeout value to cache entries and the NDR records
in the winbind cache.

The previous approach of just comparing the sequence number has some issues,
e.g. when retrying a wbinfo -n operation for a user in a not yet trusted
domain was always failing even after the trusted domain was added.

The new approach compares sequence number and timeout value to
determine if a cache entry is still valid or not.

I increased the cache version number so an old cache will be wiped
automatically after upgrade.

9 years agos4:passwords.py - test empty password attributes behaviour
Matthias Dieter Wallnöfer [Mon, 1 Nov 2010 18:54:07 +0000 (19:54 +0100)]
s4:passwords.py - test empty password attributes behaviour

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Nov  8 12:09:56 UTC 2010 on sn-devel-104

9 years agos4:password_hash LDB module - deleting password attributes is a little more complicated
Matthias Dieter Wallnöfer [Mon, 8 Nov 2010 10:33:53 +0000 (11:33 +0100)]
s4:password_hash LDB module - deleting password attributes is a little more complicated

9 years agos4:samdb_msg_find_old_and_new_ldb_val - rework
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 21:08:19 +0000 (22:08 +0100)]
s4:samdb_msg_find_old_and_new_ldb_val - rework

- don't crash when no values where specified
- return ERR_CONSTRAINT_VIOLATION on malformed messages
- only check for flags when we are involved in a LDB modify operation

9 years agos4:password_hash LDB module - clear the fact that a delete of password attributes...
Matthias Dieter Wallnöfer [Mon, 8 Nov 2010 10:31:16 +0000 (11:31 +0100)]
s4:password_hash LDB module - clear the fact that a delete of password attributes isn't possible

9 years agos4:acl LDB module - define the delete passwords special case a bit better
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 21:37:39 +0000 (22:37 +0100)]
s4:acl LDB module - define the delete passwords special case a bit better

9 years agos4:passwords.py - add another two failure cases
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 21:35:29 +0000 (22:35 +0100)]
s4:passwords.py - add another two failure cases

9 years agoldb:pyldb.c - "py_ldb_msg_element_get" - here we can safely use "unsigned int" for...
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 16:50:25 +0000 (17:50 +0100)]
ldb:pyldb.c - "py_ldb_msg_element_get" - here we can safely use "unsigned int" for the element reference

We don't make use of "Py_List*" calls

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Nov  8 11:21:27 UTC 2010 on sn-devel-104

9 years agoldb:pyldb.c - "py_ldb_contains" - return only "0" not found, "1" found, "-1" error
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 16:49:18 +0000 (17:49 +0100)]
ldb:pyldb.c - "py_ldb_contains" - return only "0" not found, "1" found, "-1" error

9 years agoldb:pyldb.c - most of the times "time_t" is defined as "long int"
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 15:29:27 +0000 (16:29 +0100)]
ldb:pyldb.c - most of the times "time_t" is defined as "long int"

Therefore use a signed long int for conversions.

http://stackoverflow.com/questions/471248/what-is-ultimately-a-time-t-typedef-to

9 years agoldb:pyldb.c - fix some "Py_ssize_t" output warnings
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 17:03:22 +0000 (18:03 +0100)]
ldb:pyldb.c - fix some "Py_ssize_t" output warnings

9 years agoldb:pyldb.c - use "Py_ssize_t" for counting list entries
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 16:48:39 +0000 (17:48 +0100)]
ldb:pyldb.c - use "Py_ssize_t" for counting list entries

This seems to be the most appopriate type

9 years agoldb:pyldb.c - fix indentation
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 15:29:06 +0000 (16:29 +0100)]
ldb:pyldb.c - fix indentation

9 years agos4:pydsdb.c - use "Py_ssize_t" for Python list counters
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 15:28:33 +0000 (16:28 +0100)]
s4:pydsdb.c - use "Py_ssize_t" for Python list counters

Seems to be the most appropriate type

9 years agos4:pydsdb.c - introduce Python 2.4 compatibility defines
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 16:54:36 +0000 (17:54 +0100)]
s4:pydsdb.c - introduce Python 2.4 compatibility defines

9 years agos4:objectguid/repl_meta_data LDB module - deny "objectGUID" updates
Matthias Dieter Wallnöfer [Mon, 8 Nov 2010 09:16:45 +0000 (10:16 +0100)]
s4:objectguid/repl_meta_data LDB module - deny "objectGUID" updates

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Nov  8 10:36:50 UTC 2010 on sn-devel-104

9 years agos4:objectclass LDB module - no idea why we'd need the "objectGUID" here
Matthias Dieter Wallnöfer [Mon, 8 Nov 2010 09:26:02 +0000 (10:26 +0100)]
s4:objectclass LDB module - no idea why we'd need the "objectGUID" here

9 years agos4:objectguid LDB module - make use of "dsdb_next_callback"
Matthias Dieter Wallnöfer [Mon, 8 Nov 2010 09:31:49 +0000 (10:31 +0100)]
s4:objectguid LDB module - make use of "dsdb_next_callback"

9 years agos4:drsuapi RPC server - writespn.c - fix indentations
Matthias Dieter Wallnöfer [Mon, 8 Nov 2010 08:58:59 +0000 (09:58 +0100)]
s4:drsuapi RPC server - writespn.c - fix indentations

9 years agos4-drs: allow bypass of writespn checking for some SPNs
Andrew Tridgell [Mon, 8 Nov 2010 08:01:36 +0000 (19:01 +1100)]
s4-drs: allow bypass of writespn checking for some SPNs

this allows accounts (and in particular RODCs) to make SPN updates on
their own account if they take the form SERVICE/hostname

we may be able to remove this in the future after some changes in our
ACL checking for userPrincipalName

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov  8 08:45:16 UTC 2010 on sn-devel-104

9 years agoheimdal Add clock-skew handling to DCE-style GSSAPI
Andrew Bartlett [Mon, 8 Nov 2010 06:38:38 +0000 (17:38 +1100)]
heimdal Add clock-skew handling to DCE-style GSSAPI

The clock skew handling was previously only on properly wrapped
GSSAPI, and was skipped for DCE-style.  This allows the ASN.1 errors
from the krb5_rd_req to suggest parsing as a kerberos error packet.

Andrew Bartlett

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov  8 07:58:09 UTC 2010 on sn-devel-104

9 years agos4-auth Supply more useful error messages on Kerberos failure
Andrew Bartlett [Mon, 8 Nov 2010 05:55:17 +0000 (16:55 +1100)]
s4-auth Supply more useful error messages on Kerberos failure

The practice of returning only NT_STATUS_INVALID_PARAMETER hasn't
helped our users to debug problems effectivly, and so we now return
more errors and try and give a more useful debug message when then
happen.

Andrew Bartlett

9 years agos4-auth Fix typos in samba4 auth code
Brad Hards [Mon, 8 Nov 2010 01:15:50 +0000 (12:15 +1100)]
s4-auth Fix typos in samba4 auth code

9 years agos4-dsdb Explain why we may not use the GC name in some situations.
Andrew Bartlett [Mon, 8 Nov 2010 01:13:32 +0000 (12:13 +1100)]
s4-dsdb Explain why we may not use the GC name in some situations.

This delicate balance caused us a bit of a puzzle when we could not work
out why an DC join failed with the new python scripts.

Andrew Bartlett

9 years agos4-selftest fix indentation
Andrew Bartlett [Sat, 6 Nov 2010 02:48:31 +0000 (13:48 +1100)]
s4-selftest fix indentation

9 years agos4-repl: fixed replication notifications to RODCs
Andrew Tridgell [Mon, 8 Nov 2010 06:14:09 +0000 (17:14 +1100)]
s4-repl: fixed replication notifications to RODCs

We need a separate source dsa list for RODCs, as they are not in the
repsFrom for our partitions, but are in the repsTo. This adds a new
'notifies' list, which contains all the source dsas for the DCs that
we should send notifies to, but which we don't replicate from

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov  8 06:57:43 UTC 2010 on sn-devel-104

9 years agofix
Andrew Tridgell [Mon, 8 Nov 2010 06:13:12 +0000 (17:13 +1100)]
fix

9 years agos4-debug: lowered the debug level of some unimportant messages
Andrew Tridgell [Mon, 8 Nov 2010 05:02:21 +0000 (16:02 +1100)]
s4-debug: lowered the debug level of some unimportant messages

9 years agos4-ldb: don't give an error if a module is already registered
Andrew Tridgell [Mon, 8 Nov 2010 04:46:09 +0000 (15:46 +1100)]
s4-ldb: don't give an error if a module is already registered

this can happen when both the build and install paths are used to load
ldb modules

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov  8 05:28:14 UTC 2010 on sn-devel-104

9 years agowaf: go back to the previous method of handling .inst. rules
Andrew Tridgell [Mon, 8 Nov 2010 04:45:18 +0000 (15:45 +1100)]
waf: go back to the previous method of handling .inst. rules

the change broke the library linkages for some library, as spotted by
Brad

9 years agowaf: fixed the names of the installed libraries after the last change
Andrew Tridgell [Mon, 8 Nov 2010 01:47:09 +0000 (12:47 +1100)]
waf: fixed the names of the installed libraries after the last change

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov  8 02:31:18 UTC 2010 on sn-devel-104

9 years agos4-dns: ensure we get the right case on the grant rule for administrator
Andrew Tridgell [Mon, 8 Nov 2010 00:55:02 +0000 (11:55 +1100)]
s4-dns: ensure we get the right case on the grant rule for administrator

it may be 'Administrator' in the database, and bind match rules are
case sensitive

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov  8 01:41:43 UTC 2010 on sn-devel-104

9 years agowaf: fixed tabs/spaces for python3.0
Andrew Tridgell [Mon, 8 Nov 2010 00:11:32 +0000 (11:11 +1100)]
waf: fixed tabs/spaces for python3.0

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov  8 00:55:13 UTC 2010 on sn-devel-104

9 years agowaf: prevent us from modifying non-install libs during make install
Andrew Tridgell [Mon, 8 Nov 2010 00:01:13 +0000 (11:01 +1100)]
waf: prevent us from modifying non-install libs during make install

we need to ensure that 'make install' does not change any of our build
libraries, and only changes the .inst.so libraries, otherwise doing a
make test in the build directory directly after a make install could
use the installed libraries, which would mean using the wrong
LDB_MODULES_PATH

this could cause the "unknown error" loading ldb modules when running
some commands directly after a make install

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-ldb: better error message when we try to register a module twice
Andrew Tridgell [Sun, 7 Nov 2010 23:58:28 +0000 (10:58 +1100)]
s4-ldb: better error message when we try to register a module twice

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-pydrs: validate the DsGetNCChanges response
Andrew Tridgell [Sun, 7 Nov 2010 23:14:50 +0000 (10:14 +1100)]
s4-pydrs: validate the DsGetNCChanges response

check that object_count matches up with first_object

9 years agos4-join: modify join behaviour according to domain level
Andrew Tridgell [Sun, 7 Nov 2010 02:55:20 +0000 (13:55 +1100)]
s4-join: modify join behaviour according to domain level

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sun Nov  7 23:32:16 UTC 2010 on sn-devel-104

9 years agos4-drs: allow override of the replica_flags
Andrew Tridgell [Sun, 7 Nov 2010 02:53:13 +0000 (13:53 +1100)]
s4-drs: allow override of the replica_flags

9 years agos4-dsdb: give the DN on a shema attribute failure
Andrew Tridgell [Sun, 7 Nov 2010 00:25:00 +0000 (11:25 +1100)]
s4-dsdb: give the DN on a shema attribute failure

9 years agos4:ldap.py - add more "objectGUID" related tests
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 19:10:48 +0000 (20:10 +0100)]
s4:ldap.py - add more "objectGUID" related tests

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Nov  7 21:12:03 UTC 2010 on sn-devel-104

9 years agos4:objectguid LDB module - fix typo in output message
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 19:10:29 +0000 (20:10 +0100)]
s4:objectguid LDB module - fix typo in output message

9 years agos4:objectguid LDB module - objectGUIDs cannot be specified on add operations
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 19:09:51 +0000 (20:09 +0100)]
s4:objectguid LDB module - objectGUIDs cannot be specified on add operations

9 years agos4:upgradeprovision - remove some "recalculate_sd" uses
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 17:51:43 +0000 (18:51 +0100)]
s4:upgradeprovision - remove some "recalculate_sd" uses

We need "recalculate_sd" only when no external "nTSecurityDescriptor" change
is performed. Otherwise the recalculation is performed automatically.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Nov  7 18:52:42 UTC 2010 on sn-devel-104

9 years agos4:descriptor LDB module - make the "nTSecurityDescriptor" attribute fully behave...
Matthias Dieter Wallnöfer [Mon, 1 Nov 2010 16:51:36 +0000 (17:51 +0100)]
s4:descriptor LDB module - make the "nTSecurityDescriptor" attribute fully behave as in AD

- fix crash when provided "nTSecurityDescriptor" attribute is empty
- print out the correct error codes if it's provided multi-valued
- simplify the "recalculate_sd" control handling

9 years agos4:ldb_modules/util.c - "dsdb_get_single_valued_attr" - support the attribute fetch...
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 10:27:26 +0000 (11:27 +0100)]
s4:ldb_modules/util.c - "dsdb_get_single_valued_attr" - support the attribute fetch also on LDB add operations

We've to completely ignore the flags in that case.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Nov  7 11:10:23 UTC 2010 on sn-devel-104

9 years agoldb:ldb_pack.c - the "dn" attribute isn't allowed in the message part, only the ...
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 09:04:22 +0000 (10:04 +0100)]
ldb:ldb_pack.c - the "dn" attribute isn't allowed in the message part, only the "distinguishedName" one

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Nov  7 10:11:02 UTC 2010 on sn-devel-104

9 years agos4:torture/dssync.c - remove unused variable
Matthias Dieter Wallnöfer [Sun, 7 Nov 2010 08:55:19 +0000 (09:55 +0100)]
s4:torture/dssync.c - remove unused variable

9 years agos4:descriptor LDB module - save a pointer to the request message on the temporary...
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 22:04:55 +0000 (23:04 +0100)]
s4:descriptor LDB module - save a pointer to the request message on the temporary "ac" context

This prevents two calls of "ldb_msg_copy_shallow".

9 years agos4:descriptor LDB module - by "dsdb_next_callback" we don't need anymore the default...
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 21:49:08 +0000 (22:49 +0100)]
s4:descriptor LDB module - by "dsdb_next_callback" we don't need anymore the default operation callback implementations

Only customised ones still need to remain.

9 years agos4:descriptor LDB module - remove a bit pointless memory context
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 21:39:40 +0000 (22:39 +0100)]
s4:descriptor LDB module - remove a bit pointless memory context

For only one operation we do not need an additional "mem_ctx". "ac" should be
enough (see for example the samldb LDB module).

9 years agos4:descriptor LDB module - remove a "ldb_msg_sanity_check" call
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 21:38:15 +0000 (22:38 +0100)]
s4:descriptor LDB module - remove a "ldb_msg_sanity_check" call

This check (the structural objectclass) is performed in the objectclass LDB
module.

9 years agos4:descriptor LDB module - don't ignore referrals if we are executing an ordinary...
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 21:27:13 +0000 (22:27 +0100)]
s4:descriptor LDB module - don't ignore referrals if we are executing an ordinary external search operation

Referrals are valid results.

9 years agocredentials: Lowercase library name,
Jelmer Vernooij [Sun, 7 Nov 2010 01:05:51 +0000 (02:05 +0100)]
credentials: Lowercase library name,

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov  7 01:48:44 UTC 2010 on sn-devel-104

9 years agoldbsamba: Lowercase library name.
Jelmer Vernooij [Sun, 7 Nov 2010 00:57:34 +0000 (01:57 +0100)]
ldbsamba: Lowercase library name.

9 years agosamdb: Lowercase library name.
Jelmer Vernooij [Sun, 7 Nov 2010 00:52:13 +0000 (01:52 +0100)]
samdb: Lowercase library name.

9 years agosamdb: Make private (at least for the moment).
Jelmer Vernooij [Sun, 7 Nov 2010 00:44:26 +0000 (01:44 +0100)]
samdb: Make private (at least for the moment).

9 years agopytalloc: Make some arguments optional.
Jelmer Vernooij [Fri, 5 Nov 2010 12:48:34 +0000 (13:48 +0100)]
pytalloc: Make some arguments optional.

9 years agoldb:ldb_parse.c - "ldb_parse_hex2char" - always initialise "c"
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 20:22:53 +0000 (21:22 +0100)]
ldb:ldb_parse.c - "ldb_parse_hex2char" - always initialise "c"

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Nov  6 21:04:58 UTC 2010 on sn-devel-104

9 years agos4:ldap.py - enhance the "distinguishedName" tests
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 19:47:51 +0000 (20:47 +0100)]
s4:ldap.py - enhance the "distinguishedName" tests

The "dn" shortcut isn't supported by AD.

9 years agos4:update_keytab LDB module - we don't need to search for the "distinguishedName...
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 19:23:35 +0000 (20:23 +0100)]
s4:update_keytab LDB module - we don't need to search for the "distinguishedName" attribute

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Nov  6 20:08:28 UTC 2010 on sn-devel-104

9 years agos4:operational LDB module - "canonicalName" doesn't make use of the "distinguishedNam...
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 19:18:40 +0000 (20:18 +0100)]
s4:operational LDB module - "canonicalName" doesn't make use of the "distinguishedName" attribute

It uses the DN from the returned message

9 years agoldb:ldb_tdb.c - ltdb_check_special_dn - fix indentation
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 18:46:42 +0000 (19:46 +0100)]
ldb:ldb_tdb.c - ltdb_check_special_dn - fix indentation

9 years agoldb:ldb_tdb.c - make "ltdb_add" more similar to "ltdb_modify"
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 18:38:47 +0000 (19:38 +0100)]
ldb:ldb_tdb.c - make "ltdb_add" more similar to "ltdb_modify"

And remove in "ltdb_add_internal" a cache loading call which has been present
twice.

9 years agos4:samr RPC server - "dcesrv_samr_RemoveMemberFromForeignDomain"
Matthias Dieter Wallnöfer [Sat, 6 Nov 2010 17:18:44 +0000 (18:18 +0100)]
s4:samr RPC server - "dcesrv_samr_RemoveMemberFromForeignDomain"

- Remove TODO comment: MS-SAMR 3.1.5.8.7 explicitly states:
  "The SamrRemoveMemberFromForeignDomain method removes a member from all
  aliases."

- Remove the search attributes since they aren't strictly needed.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Nov  6 18:07:57 UTC 2010 on sn-devel-104

9 years agos4:DRS-RPC-DSSYNC: don't try to decrypt secret attributes twice
Stefan Metzmacher [Sat, 6 Nov 2010 12:41:34 +0000 (13:41 +0100)]
s4:DRS-RPC-DSSYNC: don't try to decrypt secret attributes twice

dsdb_extended_replicated_objects_convert() already decrypts the
attributes in place.

This fixes the usage of --option="dssync:print_pwd_blobs=yes".

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Nov  6 13:30:16 UTC 2010 on sn-devel-104

9 years agos4-cldap: fixed debug message to match content
Andrew Tridgell [Sat, 6 Nov 2010 03:44:33 +0000 (14:44 +1100)]
s4-cldap: fixed debug message to match content

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sat Nov  6 04:26:45 UTC 2010 on sn-devel-104

9 years agos4-join: fixed SPNs, invocationId and dnshostname and python join
Andrew Tridgell [Sat, 6 Nov 2010 03:35:30 +0000 (14:35 +1100)]
s4-join: fixed SPNs, invocationId and dnshostname and python join

- we need the GN/ SPN for replication.
- fixed the string form of the invocationId
- lowercase the dnshostname

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-join: switch over to the new DC join in make test
Andrew Tridgell [Fri, 5 Nov 2010 07:57:36 +0000 (18:57 +1100)]
s4-join: switch over to the new DC join in make test

9 years agosamba-tool: deprecate samba-tool vampire command
Andrew Tridgell [Fri, 5 Nov 2010 03:16:49 +0000 (14:16 +1100)]
samba-tool: deprecate samba-tool vampire command

9 years agos3: Make proper use of sid_check_is_in_xx routines
Volker Lendecke [Fri, 5 Nov 2010 14:48:44 +0000 (15:48 +0100)]
s3: Make proper use of sid_check_is_in_xx routines

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Nov  5 15:35:59 UTC 2010 on sn-devel-104

9 years agos3: Fix a typo
Volker Lendecke [Fri, 5 Nov 2010 14:44:55 +0000 (15:44 +0100)]
s3: Fix a typo

9 years agos3: Remove some duplicate prototypes
Volker Lendecke [Fri, 5 Nov 2010 14:38:28 +0000 (15:38 +0100)]
s3: Remove some duplicate prototypes

9 years agosocket_wrapper: fill in sa.sa_len if the system supports it
Stefan Metzmacher [Fri, 5 Nov 2010 08:43:05 +0000 (09:43 +0100)]
socket_wrapper: fill in sa.sa_len if the system supports it

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Nov  5 14:40:00 UTC 2010 on sn-devel-104

9 years agos4-join: fixed secure_channel_type
Andrew Tridgell [Fri, 5 Nov 2010 08:09:45 +0000 (19:09 +1100)]
s4-join: fixed secure_channel_type

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Fri Nov  5 13:24:32 UTC 2010 on sn-devel-104

9 years agos4-join: don't print all the NDR packets by default
Andrew Tridgell [Fri, 5 Nov 2010 07:57:17 +0000 (18:57 +1100)]
s4-join: don't print all the NDR packets by default

9 years agos4-cldap: print all the DNS servers found
Andrew Tridgell [Fri, 5 Nov 2010 07:56:46 +0000 (18:56 +1100)]
s4-cldap: print all the DNS servers found

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-ldb: much more memory efficient msg filtering
Andrew Tridgell [Fri, 5 Nov 2010 07:50:29 +0000 (18:50 +1100)]
s4-ldb: much more memory efficient msg filtering

this ensures we don't leave unnecessary attributes in returned ldb
objects

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-drs: reduce the memory usage of the getncchanges server
Andrew Tridgell [Fri, 5 Nov 2010 07:28:04 +0000 (18:28 +1100)]
s4-drs: reduce the memory usage of the getncchanges server

we now keep just a list of GUIDs around between getncchanges calls,
instead of an entire db search. This makes the overhead of having a
pending getncchanges call much smaller.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

9 years agos4-kerberos Mention the remote address we fail to contact the KDC on
Andrew Bartlett [Fri, 5 Nov 2010 06:08:52 +0000 (17:08 +1100)]
s4-kerberos Mention the remote address we fail to contact the KDC on

9 years agos4-ldb: show the reason for module initialization failure
Andrew Tridgell [Fri, 5 Nov 2010 03:10:30 +0000 (14:10 +1100)]
s4-ldb: show the reason for module initialization failure

9 years agos4: net -> samba-tool
Andrew Tridgell [Fri, 5 Nov 2010 03:10:11 +0000 (14:10 +1100)]
s4: net -> samba-tool

9 years agos4-join: added DC join to the python join code
Andrew Tridgell [Fri, 5 Nov 2010 03:09:49 +0000 (14:09 +1100)]
s4-join: added DC join to the python join code

this will replace the old vampire code

9 years agos4-pydrs: added rodc option to python drs replication
Andrew Tridgell [Fri, 5 Nov 2010 03:08:49 +0000 (14:08 +1100)]
s4-pydrs: added rodc option to python drs replication

9 years agos4-pydsdb: added DsReplicaAttribute()
Andrew Tridgell [Fri, 5 Nov 2010 03:06:10 +0000 (14:06 +1100)]
s4-pydsdb: added DsReplicaAttribute()

this allows us to form a DsReplicaAttribute structure from python