nivanova/samba-autobuild/.git
10 years agoMerge branch 'master' of ssh://jra@git.samba.org/data/git/samba
Jeremy Allison [Sat, 17 Oct 2009 17:36:33 +0000 (10:36 -0700)]
Merge branch 'master' of ssh://jra@git.samba.org/data/git/samba

10 years agos3:winbind: Move fillup_pw_field() as static to wb_fill_pwent.c
Volker Lendecke [Sat, 17 Oct 2009 15:00:13 +0000 (17:00 +0200)]
s3:winbind: Move fillup_pw_field() as static to wb_fill_pwent.c

10 years agos4-smbserver: removed bogus initialisation of two union arms
Andrew Tridgell [Sat, 17 Oct 2009 02:12:24 +0000 (13:12 +1100)]
s4-smbserver: removed bogus initialisation of two union arms

Thanks to Metze for spotting this.

10 years agos4-pvfs: when uwrap is enabled, ignore chown errors
Andrew Tridgell [Sat, 17 Oct 2009 01:58:17 +0000 (12:58 +1100)]
s4-pvfs: when uwrap is enabled, ignore chown errors

chown is expected to fail under uwrap

10 years agos4-torture: fixed the default ACL for s4
Andrew Tridgell [Sat, 17 Oct 2009 01:50:51 +0000 (12:50 +1100)]
s4-torture: fixed the default ACL for s4

s4 returns group and world ACEs in the default acl, based on unix
permissions

10 years agos4-torture: minor debugging enhancements
Andrew Tridgell [Fri, 16 Oct 2009 23:54:46 +0000 (10:54 +1100)]
s4-torture: minor debugging enhancements

10 years agos4-schema: We should not need Samba4TopExtra now
Andrew Tridgell [Fri, 16 Oct 2009 23:50:08 +0000 (10:50 +1100)]
s4-schema: We should not need Samba4TopExtra now

The last attribute this contained was 'privilege' which is now gone

10 years agos4-pvfs: don't auto-apply privilege bits in unix acl handling either
Andrew Tridgell [Fri, 16 Oct 2009 22:09:42 +0000 (09:09 +1100)]
s4-pvfs: don't auto-apply privilege bits in unix acl handling either

10 years agos4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masks
Andrew Tridgell [Fri, 16 Oct 2009 22:09:19 +0000 (09:09 +1100)]
s4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masks

10 years agos4-torture: the BASE-CREATEX_ACCESS test is broken for non-administrators
Andrew Tridgell [Fri, 16 Oct 2009 12:06:02 +0000 (23:06 +1100)]
s4-torture: the BASE-CREATEX_ACCESS test is broken for non-administrators

See my msg to samba-technical about this test and privilege testing.

10 years agos4-torture: cleanup after the MAXIMUM_ALLOWED test
Andrew Tridgell [Fri, 16 Oct 2009 12:04:01 +0000 (23:04 +1100)]
s4-torture: cleanup after the MAXIMUM_ALLOWED test

10 years agos4-pvfs: use privileges rather than "uid == 0" in unix access check
Andrew Tridgell [Fri, 16 Oct 2009 12:03:42 +0000 (23:03 +1100)]
s4-pvfs: use privileges rather than "uid == 0" in unix access check

This makes the unix access check much closer to the full ACL check

10 years agos4-security: honor more of the privilege access bits
Andrew Tridgell [Fri, 16 Oct 2009 12:02:58 +0000 (23:02 +1100)]
s4-security: honor more of the privilege access bits

10 years agos4-torture: add a special check for administrators and privileges
Andrew Tridgell [Fri, 16 Oct 2009 07:23:42 +0000 (18:23 +1100)]
s4-torture: add a special check for administrators and privileges

lsa privileges calls don't expand groups. darn.

10 years agos4-lsasrv: make sure only admins can alter privileges
Andrew Tridgell [Fri, 16 Oct 2009 07:22:48 +0000 (18:22 +1100)]
s4-lsasrv: make sure only admins can alter privileges

10 years agos4-provision: added the default privileges db
Andrew Tridgell [Fri, 16 Oct 2009 07:01:35 +0000 (18:01 +1100)]
s4-provision: added the default privileges db

privileges are now stored in a separate database

10 years agos4-provision: removed the old privilege attributes
Andrew Tridgell [Fri, 16 Oct 2009 07:01:02 +0000 (18:01 +1100)]
s4-provision: removed the old privilege attributes

Our schema is getting a bit cleaner :-)

10 years agos4-torture: show the sid we are basing privilege tests on
Andrew Tridgell [Fri, 16 Oct 2009 06:05:48 +0000 (17:05 +1100)]
s4-torture: show the sid we are basing privilege tests on

10 years agos4-privileges: moved privileges to private/privilege.ldb
Andrew Tridgell [Fri, 16 Oct 2009 06:05:27 +0000 (17:05 +1100)]
s4-privileges: moved privileges to private/privilege.ldb

We were storing privileges in the sam, which was OK when we were a
standalone DC, but is no good when we replicate with a windows DC.

This moves the privileges to a separate (local) database

10 years agoadded NT_STATUS_NOT_OK_RETURN_AND_FREE()
Andrew Tridgell [Fri, 16 Oct 2009 06:04:19 +0000 (17:04 +1100)]
added NT_STATUS_NOT_OK_RETURN_AND_FREE()

Try to make it a bit easier to avoid leaks in common code

10 years agoAdd comment explaining about symlink following & posix.
Jeremy Allison [Sat, 17 Oct 2009 01:13:06 +0000 (18:13 -0700)]
Add comment explaining about symlink following & posix.
Jeremy.

10 years agoLast 2 VFS_STAT -> LSTAT fixes I can see in the modules code.
Jeremy Allison [Sat, 17 Oct 2009 00:20:40 +0000 (17:20 -0700)]
Last 2 VFS_STAT -> LSTAT fixes I can see in the modules code.
Jeremy.

10 years agoFix one missing STAT -> LSTAT with POSIX pathnames in vfs_xattr_tdb.c. Caught by...
Jeremy Allison [Fri, 16 Oct 2009 23:37:20 +0000 (16:37 -0700)]
Fix one missing STAT -> LSTAT with POSIX pathnames in vfs_xattr_tdb.c. Caught by the torture tester. I love unit tests :-). Jeremy.

10 years agos3: build pam_smbpass when possible
Björn Jacke [Fri, 16 Oct 2009 21:40:34 +0000 (23:40 +0200)]
s3: build pam_smbpass when possible

10 years agos3-netlogon: fix updating trust accout passwords with downlevel domains.
Günther Deschner [Fri, 16 Oct 2009 16:01:19 +0000 (18:01 +0200)]
s3-netlogon: fix updating trust accout passwords with downlevel domains.

When choosing the netlogon password set function, make sure to look at the
*negotiated* flags in the cli->dc state, not the ones we start the negotiation
with.

Guenther

10 years agonsswitch: increase libwbclient version after adding wbcChangeTrustCredentials().
Günther Deschner [Fri, 16 Oct 2009 14:07:31 +0000 (16:07 +0200)]
nsswitch: increase libwbclient version after adding wbcChangeTrustCredentials().

Guenther

10 years agos3:packaging: Fix building RHEL packages.
Karolin Seeger [Fri, 16 Oct 2009 14:00:26 +0000 (16:00 +0200)]
s3:packaging: Fix building RHEL packages.

Fix bug #6721.
Thanks to Eero Volotinen <eero.volotinen@medicel.com> for providing the patch!

Karolin

10 years agos3:srv_samr_nt - another fix for the reject reason
Matthias Dieter Wallnöfer [Fri, 16 Oct 2009 13:24:20 +0000 (15:24 +0200)]
s3:srv_samr_nt - another fix for the reject reason

10 years agos4-smbtorture: extend netr_LogonControl test in RPC-NETLOGON.
Günther Deschner [Wed, 14 Oct 2009 09:58:21 +0000 (11:58 +0200)]
s4-smbtorture: extend netr_LogonControl test in RPC-NETLOGON.

Guenther

10 years agos3-netlogon: Fix _netr_ServerPasswordSet2 cleartext blob handling.
Günther Deschner [Fri, 16 Oct 2009 10:09:55 +0000 (12:09 +0200)]
s3-netlogon: Fix _netr_ServerPasswordSet2 cleartext blob handling.

Following Andrew's advice, let's straight md4 the plaintext blob and avoid
trying to get a paintext string out of the input the client sends.

Guenther

10 years agos4-smbtorture: test wbcLookupUserSids in WINBIND-WBCLIENT as well.
Günther Deschner [Fri, 16 Oct 2009 12:51:49 +0000 (14:51 +0200)]
s4-smbtorture: test wbcLookupUserSids in WINBIND-WBCLIENT as well.

Guenther

10 years agos4-smbtorture: test wbcGuidToString and friends as well in WINBIND-WBCLIENT.
Günther Deschner [Fri, 16 Oct 2009 11:38:57 +0000 (13:38 +0200)]
s4-smbtorture: test wbcGuidToString and friends as well in WINBIND-WBCLIENT.

Guenther

10 years agos4:provision - fixed invalid creationTime format
Endi S. Dewata [Wed, 14 Oct 2009 06:04:00 +0000 (01:04 -0500)]
s4:provision - fixed invalid creationTime format

10 years agos4:ldb - fixed dangling pointer in ldb_request_add_control()
Endi S. Dewata [Wed, 14 Oct 2009 05:54:52 +0000 (00:54 -0500)]
s4:ldb - fixed dangling pointer in ldb_request_add_control()

10 years agos4:auth - fixed problem reading bind DN from secrets database
Endi S. Dewata [Fri, 9 Oct 2009 19:30:51 +0000 (14:30 -0500)]
s4:auth - fixed problem reading bind DN from secrets database

10 years agos4:provision - replaced linked_attributes with FDS plugins
Endi S. Dewata [Fri, 9 Oct 2009 18:36:04 +0000 (13:36 -0500)]
s4:provision - replaced linked_attributes with FDS plugins

When FDS is used as a backend, Samba should not use the
linked_attributes LDB module, but instead use the built-in
DS plugins for attribute linking, indexing, and referential
integrity.

10 years agos4:auth_sam: Restructure tail in "authsam_get_server_info_principal" and fix a memory...
Matthias Dieter Wallnöfer [Fri, 16 Oct 2009 11:48:17 +0000 (13:48 +0200)]
s4:auth_sam: Restructure tail in "authsam_get_server_info_principal" and fix a memory leak

10 years agos4:winsdb - Substitute LDB result numbers with constants
Matthias Dieter Wallnöfer [Fri, 16 Oct 2009 11:42:58 +0000 (13:42 +0200)]
s4:winsdb - Substitute LDB result numbers with constants

10 years agos3: Try to fix the build on Solaris & AIX regarding the password change reject reason
Matthias Dieter Wallnöfer [Fri, 16 Oct 2009 10:25:34 +0000 (12:25 +0200)]
s3: Try to fix the build on Solaris & AIX regarding the password change reject reason

10 years agos4/drs(tort): prefixMap unit test initial implementatoin
Kamen Mazdrashki [Wed, 7 Oct 2009 23:56:22 +0000 (02:56 +0300)]
s4/drs(tort): prefixMap unit test initial implementatoin

10 years agos4/drs: prefixMap module initial definition
Kamen Mazdrashki [Wed, 7 Oct 2009 23:55:28 +0000 (02:55 +0300)]
s4/drs: prefixMap module initial definition

10 years agos4/drs(tort): fix compile time warning
Kamen Mazdrashki [Wed, 7 Oct 2009 15:32:43 +0000 (18:32 +0300)]
s4/drs(tort): fix compile time warning

10 years agos4/drs(tort): _drs_util_verify_attids() to verify ATTIDs in objects received
Kamen Mazdrashki [Tue, 6 Oct 2009 08:42:02 +0000 (11:42 +0300)]
s4/drs(tort): _drs_util_verify_attids() to verify ATTIDs in objects received

10 years agos4/drs(tort): drs_util_DsAttributeId_to_string() function
Kamen Mazdrashki [Tue, 6 Oct 2009 08:38:42 +0000 (11:38 +0300)]
s4/drs(tort): drs_util_DsAttributeId_to_string() function

10 years agos4/drs(tort): _drs_ldap_attr_by_oid() implementation
Kamen Mazdrashki [Sun, 27 Sep 2009 14:04:04 +0000 (17:04 +0300)]
s4/drs(tort): _drs_ldap_attr_by_oid() implementation

Utility function to be used to fetch Attribute name and DN
giving attribute OID

10 years agos4/drs(tort): ignore drs/proto.h file
Kamen Mazdrashki [Tue, 6 Oct 2009 08:35:51 +0000 (11:35 +0300)]
s4/drs(tort): ignore drs/proto.h file

10 years agos4/drs(tort): oid_from_attid() reference implementation
Kamen Mazdrashki [Tue, 6 Oct 2009 05:40:15 +0000 (08:40 +0300)]
s4/drs(tort): oid_from_attid() reference implementation

Decode Attribute OID using prefixMap and
ATTID received during replication

Based on MS documentation. See MS-DRSR.pdf - 5.16.4

10 years agos4/drs(tort): TORTURE_DRS torture module - initial implementation
Kamen Mazdrashki [Mon, 5 Oct 2009 15:39:13 +0000 (18:39 +0300)]
s4/drs(tort): TORTURE_DRS torture module - initial implementation

Drsuapi tests module registers two suites:
 - DRS-RPC - tests to be executed against remote machine
 - DRS-UNIT - unit test for internal testing

10 years agos4/drs: Propagate redefinition of drsuapi_DsReplicaOID into code base
Kamen Mazdrashki [Sun, 11 Oct 2009 18:00:55 +0000 (21:00 +0300)]
s4/drs: Propagate redefinition of drsuapi_DsReplicaOID into code base

The biggest change is that 'oid' field is transmited in binary format.
Also the field name is changed to 'binary_oid' so that
field format to be clear for callers.

After those changes, Samba4 should work the way it works before -
i.e. no added value here but we should not fail when
partial-oid is part of prefixMap transmited from Win server.

Also, thre is a bug in this patch - partial-binary-OIDs are
not handled correctly. Partial-binary-OIDs received during
replication will be encoded, but not handled correctly.

10 years agos4/drs(NDR): Print implementation for drsuapi_DsReplicaOID
Kamen Mazdrashki [Mon, 5 Oct 2009 10:28:12 +0000 (13:28 +0300)]
s4/drs(NDR): Print implementation for drsuapi_DsReplicaOID

Custom ndr_print functions is implemented so that transmited
partia-binary-oid to be printed both in hex and
partial-oid formats

10 years agos4/drs(NDR): Remove push/pull code for drsuapi_DsReplicaOID struct
Kamen Mazdrashki [Mon, 5 Oct 2009 10:23:48 +0000 (13:23 +0300)]
s4/drs(NDR): Remove push/pull code for drsuapi_DsReplicaOID struct

New structure definition is automarshaled so custom marshaling
code is not used anymore

10 years agos4/asn1: Use explicite TALLOC_CTX in ber_write_OID functions
Kamen Mazdrashki [Mon, 5 Oct 2009 01:46:20 +0000 (04:46 +0300)]
s4/asn1: Use explicite TALLOC_CTX in ber_write_OID functions

10 years agos4/drs(idl): Regenerate idl
Kamen Mazdrashki [Fri, 2 Oct 2009 15:30:14 +0000 (18:30 +0300)]
s4/drs(idl): Regenerate idl

10 years agos4/drs(idl): Redefine drsuapi_DsReplicaOID in drsuapi.idl
Kamen Mazdrashki [Fri, 2 Oct 2009 15:29:44 +0000 (18:29 +0300)]
s4/drs(idl): Redefine drsuapi_DsReplicaOID in drsuapi.idl

Structure redefined to be more similar with OID_t structure
defined in [ref. MS-DRSR.pdf - p.496].

10 years agos3-libnetapi: add nltest tool.
Günther Deschner [Wed, 14 Oct 2009 23:04:27 +0000 (01:04 +0200)]
s3-libnetapi: add nltest tool.

Guenther

10 years agos3-libnetapi: add I_NetLogonControl{2} example code.
Günther Deschner [Tue, 13 Oct 2009 14:47:32 +0000 (16:47 +0200)]
s3-libnetapi: add I_NetLogonControl{2} example code.

Guenther

10 years agos3-libnetapi: add I_NetLogonControl{2} to public headers.
Günther Deschner [Tue, 13 Oct 2009 14:46:54 +0000 (16:46 +0200)]
s3-libnetapi: add I_NetLogonControl{2} to public headers.

Guenther

10 years agos3-libnetapi: fill in I_NetLogonControl{2}_r.
Günther Deschner [Tue, 13 Oct 2009 14:03:58 +0000 (16:03 +0200)]
s3-libnetapi: fill in I_NetLogonControl{2}_r.

Guenther

10 years agos3-libnetapi: add I_NetLogonControl{2} skeleton.
Günther Deschner [Tue, 13 Oct 2009 13:47:56 +0000 (15:47 +0200)]
s3-libnetapi: add I_NetLogonControl{2} skeleton.

Guenther

10 years agos3-libnetapi: add I_NetLogonControl{2} to IDL.
Günther Deschner [Tue, 13 Oct 2009 13:39:27 +0000 (15:39 +0200)]
s3-libnetapi: add I_NetLogonControl{2} to IDL.

Guenther

10 years agos4-winsrepl: don't put in attributes with no elements
Andrew Tridgell [Fri, 16 Oct 2009 00:41:52 +0000 (11:41 +1100)]
s4-winsrepl: don't put in attributes with no elements

Empty attributes are no longer allowed by ldb. This also fixes the
error checking in winsdb_message()

This fixes the samba4.nbt.winsreplication test

10 years agos3-selftest: enable WINBIND-WBCLIENT against s3.
Günther Deschner [Thu, 15 Oct 2009 23:58:49 +0000 (01:58 +0200)]
s3-selftest: enable WINBIND-WBCLIENT against s3.

Guenther

10 years agos4-smbtorture: add very basic libwbclient testsuite.
Günther Deschner [Thu, 15 Oct 2009 22:33:38 +0000 (00:33 +0200)]
s4-smbtorture: add very basic libwbclient testsuite.

Guenther

10 years agos3-net: fix build warning (missing default in switch).
Günther Deschner [Thu, 15 Oct 2009 23:59:08 +0000 (01:59 +0200)]
s3-net: fix build warning (missing default in switch).

Guenther

10 years agoFix valgrind memory leak in bug #6814 - Fixes for problems reported by valgrind
Jeremy Allison [Thu, 15 Oct 2009 23:55:40 +0000 (16:55 -0700)]
Fix valgrind memory leak in bug #6814 - Fixes for problems reported by valgrind
Jeremy.

10 years agos3: fixed krb5 build problem on ubuntu karmic
Andrew Tridgell [Thu, 15 Oct 2009 23:40:50 +0000 (10:40 +1100)]
s3: fixed krb5 build problem on ubuntu karmic

Karmic has MIT krb5 1.7-beta3, which has the symbol
krb5_auth_con_set_req_cksumtype but no prototype for it.

See also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=531635

10 years agos4-pvfs: fixed mask handling for SEC_FLAG_MAXIMUM_ALLOWED
Andrew Tridgell [Thu, 15 Oct 2009 23:05:02 +0000 (10:05 +1100)]
s4-pvfs: fixed mask handling for SEC_FLAG_MAXIMUM_ALLOWED

This matches the sec_access_check() code

10 years agos4-torture: take privileges into account in BASE-MAXIMUM_ALLOWED
Andrew Tridgell [Thu, 15 Oct 2009 23:04:26 +0000 (10:04 +1100)]
s4-torture: take privileges into account in BASE-MAXIMUM_ALLOWED

The correct answer depends on the users privileges.

10 years agoidl: added bit definition for privilege masks
Andrew Tridgell [Thu, 15 Oct 2009 23:01:28 +0000 (10:01 +1100)]
idl: added bit definition for privilege masks

When you have backup or restore privileges, you automatically get
extra access bits in ACL interpretation. This adds definitions for the
bits you get.

10 years agos4:dcerpc_server - Read the generic session key out from "dcerpc_generic_session_key"
Matthias Dieter Wallnöfer [Thu, 15 Oct 2009 11:24:30 +0000 (13:24 +0200)]
s4:dcerpc_server - Read the generic session key out from "dcerpc_generic_session_key"

I don't think that this code needs to exist identically on the server and on the
client side. This patch leaves it on the client side (dcerpc lib) and calls it
from the server.

10 years agos3-spnego: fix memleak in spnego_parse_auth().
Günther Deschner [Thu, 15 Oct 2009 13:45:20 +0000 (15:45 +0200)]
s3-spnego: fix memleak in spnego_parse_auth().

Guenther

10 years agos3-spnego: Fix Bug #6815. Windows 2008 R2 SPNEGO negTokenTarg parsing failure.
Günther Deschner [Thu, 15 Oct 2009 12:13:26 +0000 (14:13 +0200)]
s3-spnego: Fix Bug #6815. Windows 2008 R2 SPNEGO negTokenTarg parsing failure.

When parsing a SPNEGO session setup retry (falling back from KRB5 to NTLMSSP),
we failed to parse the ASN1_ENUMERATED negResult in the negTokenTarg, thus
failing spnego_parse_auth() completely.

By just using the shared spnego/asn1 code, we get the parsing the correct way.

Guenther

10 years agos4:w32err_code.py script - put it under "scripting/bin"
Matthias Dieter Wallnöfer [Thu, 15 Oct 2009 09:06:08 +0000 (11:06 +0200)]
s4:w32err_code.py script - put it under "scripting/bin"

I think this is a better location for this script. Since the subdirectory
"script" of "source4" contains only scripts for "make install" and "make
uninstall".

10 years agos3/docs: Add missing meta data to man ldbrename.
Karolin Seeger [Thu, 15 Oct 2009 10:27:24 +0000 (12:27 +0200)]
s3/docs: Add missing meta data to man ldbrename.

Avoid warnings.

Karolin

10 years agos4-smb: fill in fnum as well for root_fid
Andrew Tridgell [Thu, 15 Oct 2009 09:50:49 +0000 (20:50 +1100)]
s4-smb: fill in fnum as well for root_fid

This helps with the CIFS NTVFS backend, but doesn't solve all problems

10 years agos4-selftest: mark some CIFS backend tests as known fail
Andrew Tridgell [Thu, 15 Oct 2009 09:42:53 +0000 (20:42 +1100)]
s4-selftest: mark some CIFS backend tests as known fail

The CIFS passthru NTVFS doesn't handle some options yet (eg. root_fid)

10 years agos4-smbserver: fixed root_fid in nttrans create
Andrew Tridgell [Thu, 15 Oct 2009 07:53:23 +0000 (18:53 +1100)]
s4-smbserver: fixed root_fid in nttrans create

10 years agos4-libcli: fixed structure element bug in ntcreatexreadx
Andrew Tridgell [Thu, 15 Oct 2009 07:52:56 +0000 (18:52 +1100)]
s4-libcli: fixed structure element bug in ntcreatexreadx

This one didn't matter until the root_fid changed the alignment of the
two structures.

10 years agos4-torture: catch bad command line options
Andrew Tridgell [Thu, 15 Oct 2009 07:27:57 +0000 (18:27 +1100)]
s4-torture: catch bad command line options

It is annoying when you mistype a command line option and aren't told.

10 years agos4-pvfs: implement root_fid support in posix backend
Andrew Tridgell [Thu, 15 Oct 2009 07:27:21 +0000 (18:27 +1100)]
s4-pvfs: implement root_fid support in posix backend

Construct the filename from the old handle and the new name.

10 years agos4-smb: declare root_fid as a file handle
Andrew Tridgell [Thu, 15 Oct 2009 07:26:19 +0000 (18:26 +1100)]
s4-smb: declare root_fid as a file handle

In order to implement root_fid in the s4 SMB server we need to declare
it as a handle type, just as for other fnum values in SMB. This
required some extensive (but simple) changes in many bits of code.

10 years agos4-pvfs: fixed handling of SEC_FLAG_MAXIMUM_ALLOWED
Andrew Tridgell [Thu, 15 Oct 2009 07:23:42 +0000 (18:23 +1100)]
s4-pvfs: fixed handling of SEC_FLAG_MAXIMUM_ALLOWED

The CREATEX_ACCESS test shows that this is used as a bit test, not a
equality test

10 years agos4-ldaptest: "testgroup" is a bit too common
Andrew Tridgell [Thu, 15 Oct 2009 05:11:30 +0000 (16:11 +1100)]
s4-ldaptest: "testgroup" is a bit too common

This failed on one of my test boxes that has a group called
"testgroup". using "testgroupXX" should be a bit better.

10 years agos4:ntlmssp server - use also here the new "lp_dnsdomain()" call
Matthias Dieter Wallnöfer [Thu, 15 Oct 2009 08:30:55 +0000 (10:30 +0200)]
s4:ntlmssp server - use also here the new "lp_dnsdomain()" call

10 years agos4:auth/credentials/credentials - fix uninitalised pointers
Matthias Dieter Wallnöfer [Thu, 15 Oct 2009 08:30:07 +0000 (10:30 +0200)]
s4:auth/credentials/credentials - fix uninitalised pointers

This should fix bug #6755.

10 years agos3: fix outdated proto.h causing build error on AIX
Björn Jacke [Thu, 15 Oct 2009 01:19:47 +0000 (03:19 +0200)]
s3: fix outdated proto.h causing build error on AIX

Matthias, please check!

10 years agos4-ldap: test the rDN size limit
Andrew Tridgell [Thu, 15 Oct 2009 04:54:40 +0000 (15:54 +1100)]
s4-ldap: test the rDN size limit

10 years agos4-dsdb: implement limit on rDN length
Andrew Tridgell [Thu, 15 Oct 2009 04:54:20 +0000 (15:54 +1100)]
s4-dsdb: implement limit on rDN length

w2k8 imposes a limit of 64 characters on the rDN

10 years agos4-ldb: removed incorrect rDN length test
Andrew Tridgell [Thu, 15 Oct 2009 04:53:40 +0000 (15:53 +1100)]
s4-ldb: removed incorrect rDN length test

This is a property of AD, not ldb, so should be in our ldb
modules.

10 years agos4-ldb: removed bugus RDN length check
Andrew Tridgell [Wed, 14 Oct 2009 23:01:10 +0000 (10:01 +1100)]
s4-ldb: removed bugus RDN length check

This isn't the rDN !

10 years agos4-script: flush DNS after adding new addresses
Andrew Tridgell [Wed, 14 Oct 2009 23:00:46 +0000 (10:00 +1100)]
s4-script: flush DNS after adding new addresses

10 years agos4-devel: for devel scripts its better to use bin/ than $PREFIX/bin
Andrew Tridgell [Wed, 14 Oct 2009 21:49:21 +0000 (08:49 +1100)]
s4-devel: for devel scripts its better to use bin/ than $PREFIX/bin

This avoids having to do make install after each change when using the
drs devel scripts

10 years agos4-drs: support DRSUAPI_DRS_ADD_REF flag
Andrew Tridgell [Wed, 14 Oct 2009 09:29:39 +0000 (20:29 +1100)]
s4-drs: support DRSUAPI_DRS_ADD_REF flag

The DRSUAPI_DRS_ADD_REF flag tells the DRS server to run an UpdateRefs
call on behalf of the client after the DsGetNCChanges call. The lack
of support for this option may explain why the repsTo attribute was
not being created for w2k8-r2 replication partners.

10 years agos4-drs: implement more of DsUpdateRefs
Andrew Tridgell [Wed, 14 Oct 2009 09:25:48 +0000 (20:25 +1100)]
s4-drs: implement more of DsUpdateRefs

The DsUpdateRefs calls takes a set of flags that indicates if the
server should ignore specific add/delete error codes.

This patch also exposes the core UpdateRefs call into a public
function, so that it can be called from DsGetNCChanges

10 years agoldb: fixed display of replUpToDateVector
Andrew Tridgell [Wed, 14 Oct 2009 04:57:15 +0000 (15:57 +1100)]
ldb: fixed display of replUpToDateVector

10 years agodrs: improved error checking
Andrew Tridgell [Tue, 13 Oct 2009 08:49:08 +0000 (19:49 +1100)]
drs: improved error checking

Check the validity of the requested options in DsGetNCChanges

10 years agos4-dsdb: added samdb_rodc() and samdb_ntds_options()
Andrew Tridgell [Tue, 13 Oct 2009 08:48:13 +0000 (19:48 +1100)]
s4-dsdb: added samdb_rodc() and samdb_ntds_options()

Later we will need to make samdb_rodc() look in the database, but for
now we should at least have the function in a central place

10 years agolibds: added nTDSDSA options flags
Andrew Tridgell [Tue, 13 Oct 2009 08:46:18 +0000 (19:46 +1100)]
libds: added nTDSDSA options flags

10 years agoidl: added WSPP DrsOptions bit names
Andrew Tridgell [Tue, 13 Oct 2009 07:31:21 +0000 (18:31 +1100)]
idl: added WSPP DrsOptions bit names

This should make it much easier to work through the logic in MS-DRSR

10 years agoFix the build, missing ->.
Jeremy Allison [Wed, 14 Oct 2009 19:36:02 +0000 (12:36 -0700)]
Fix the build, missing ->.
Jeremy.