Jelmer Vernooij [Thu, 6 May 2010 09:10:21 +0000 (11:10 +0200)]
policy: Add samba.policy.get_gpo_flags binding.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Thu, 6 May 2010 16:42:14 +0000 (18:42 +0200)]
Add gpo create functionality. Also fix gPLink handling bugs
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Wed, 5 May 2010 08:12:20 +0000 (10:12 +0200)]
Fix mode_t in mkdir.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Wed, 28 Apr 2010 09:34:31 +0000 (11:34 +0200)]
Finish net gpo fetch function. Reorder arguments to make them more understandable. Rename getgpo to show.
This makes the net gpo break for it's samba 3 origins, but makes the syntax more intuitive.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Wed, 28 Apr 2010 09:27:43 +0000 (11:27 +0200)]
Optimize the backslash logic in the path traversal.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Tue, 27 Apr 2010 20:41:25 +0000 (22:41 +0200)]
Fix error in logic, making recursion work past the first level.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Tue, 27 Apr 2010 19:06:11 +0000 (21:06 +0200)]
Add fetch function for GPO which fetches all relevant files from the sysvol share.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Mon, 26 Apr 2010 15:26:51 +0000 (17:26 +0200)]
Add getinheritance and setinheritance to net gpo util and library.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Fri, 23 Apr 2010 17:12:01 +0000 (19:12 +0200)]
Implemented delete group policy link function and corresponding feature in net gpo.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Fri, 23 Apr 2010 16:10:43 +0000 (18:10 +0200)]
Changed add_gplink to set_gplink, so we can change gPLink options as well.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Fri, 23 Apr 2010 15:31:21 +0000 (17:31 +0200)]
Add add gPLink function and corresponding net gpo linkadd call.
Also added some definitions for future functions in policy.h
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Fri, 23 Apr 2010 09:58:26 +0000 (11:58 +0200)]
Rename files to reflect the libpolicy naming convention. Also fix the GNU make build.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Fri, 23 Apr 2010 09:53:04 +0000 (11:53 +0200)]
Rename libgpo to lib/policy to avoid confusion with samba3 and add waf build
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Fri, 23 Apr 2010 09:10:11 +0000 (11:10 +0200)]
Add old functionality back which was removed in commit
589a42e2.
Andrew, please review!
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Fri, 23 Apr 2010 07:32:01 +0000 (09:32 +0200)]
Add gpo list function for listing applicable GPO's for users/machines.
Implements:
* Hierarchical listing through all parent containers
* security ACL checking on the GPO
* User/computer disabled flags on the GPO
* gPLink disabled
* gPLink enforced
* Block inheritance on the container
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Wed, 7 Apr 2010 19:22:36 +0000 (21:22 +0200)]
Add gPLink and getgpo functionality to net gpo.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Wilco Baan Hofman [Tue, 6 Apr 2010 18:15:38 +0000 (20:15 +0200)]
Created net gpo and new libgpo for samba 4. This adds the init function which finds a DC and connects to its LDAP. It also can return information on all group policy objects on a DC.
Aborted earlier attempt at reconciliation with samba 3.
Did not work out due to lack of ldb support in samba 3, also the
different registry libraries and different libnet did not help..
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Kai Blin [Sun, 20 Jun 2010 14:29:24 +0000 (16:29 +0200)]
s3: Attempt to fix the build on NetBSD
Unlike Linux and OSX, NetBSD seems to have *netgrent prototypes in netgroup.h.
Jelmer Vernooij [Sun, 20 Jun 2010 13:22:49 +0000 (15:22 +0200)]
pydsdb: Mark all SamDB and Schema methods that are in pydsdb as
private, to discourage them being called directly.
Jelmer Vernooij [Sun, 20 Jun 2010 13:04:42 +0000 (15:04 +0200)]
testparm: Check netbios name and workgroup characters and length.
Jelmer Vernooij [Sun, 20 Jun 2010 12:24:54 +0000 (14:24 +0200)]
provision: Properly cancel transactions on the secrets ldb.
Jelmer Vernooij [Sun, 20 Jun 2010 12:14:47 +0000 (14:14 +0200)]
selftest: Use scripted testparm.
Jelmer Vernooij [Sun, 20 Jun 2010 12:14:01 +0000 (14:14 +0200)]
pyparam: Support Loadparm.get(p, "global")
Jelmer Vernooij [Sun, 20 Jun 2010 11:54:51 +0000 (13:54 +0200)]
ldb: Add ABI file for use when including ildap in the build.
Jelmer Vernooij [Sun, 20 Jun 2010 11:51:39 +0000 (13:51 +0200)]
testparm: Simplify default option handling.
Jelmer Vernooij [Sun, 20 Jun 2010 11:51:14 +0000 (13:51 +0200)]
pyparam: Allow specifying None as section name to LoadparmContext.get()
to mean default section.
Jelmer Vernooij [Sun, 20 Jun 2010 11:47:36 +0000 (13:47 +0200)]
testparm: Fix suppress prompt option.
Jelmer Vernooij [Sun, 20 Jun 2010 11:41:38 +0000 (13:41 +0200)]
testparm: Fix exit value, install.
Jelmer Vernooij [Sun, 20 Jun 2010 11:40:49 +0000 (13:40 +0200)]
s4-python: Add LoadparmService.dump()
Jelmer Vernooij [Sun, 20 Jun 2010 11:29:35 +0000 (13:29 +0200)]
s4-python: Implement LoadParm.dump().
Jelmer Vernooij [Sun, 20 Jun 2010 11:22:26 +0000 (13:22 +0200)]
testparm: Split up functions that do multiple things.
Jelmer Vernooij [Sun, 20 Jun 2010 11:16:30 +0000 (13:16 +0200)]
testparm: Convert to Python.
Jelmer Vernooij [Sun, 20 Jun 2010 11:15:09 +0000 (13:15 +0200)]
s4-python: Remove more unused imports, fix use of sets in upgradehelpers.
Jelmer Vernooij [Sun, 20 Jun 2010 10:19:08 +0000 (12:19 +0200)]
setnttoken: Remove empty utility.
Jelmer Vernooij [Sun, 20 Jun 2010 10:06:50 +0000 (12:06 +0200)]
Use standard Python syntax, booleans and set()'s where appropriate.
Jelmer Vernooij [Sun, 20 Jun 2010 09:59:49 +0000 (11:59 +0200)]
Remove unnecessary use of transactions.
Jelmer Vernooij [Sun, 20 Jun 2010 09:49:08 +0000 (11:49 +0200)]
ldb: Change LDBSAMBA back to subsystem, update comments, use different
ABI file based on whether ldb_ildap is included.
Stefan Metzmacher [Sun, 20 Jun 2010 09:33:43 +0000 (11:33 +0200)]
s4:ldb-samba: fix the build without a system ldb
metze
Kai Blin [Sun, 20 Jun 2010 07:49:34 +0000 (09:49 +0200)]
s3-waf: Change the (set|get|end)netgrent checks to match the configure.in checks
Kai Blin [Sun, 20 Jun 2010 07:36:19 +0000 (09:36 +0200)]
s3 configure: Check for (set|get|end)netgrent prototypes
Kai Blin [Thu, 17 Jun 2010 20:41:57 +0000 (22:41 +0200)]
build: Allow for a custom message in CHECK_C_PROTOTYPE
Jelmer Vernooij [Sun, 20 Jun 2010 00:44:39 +0000 (02:44 +0200)]
ldb: Remove last import of dsdb.
Jelmer Vernooij [Sun, 20 Jun 2010 00:32:23 +0000 (02:32 +0200)]
Some more formatting fixes, move schema related functions from Ldb to Schema.
Jelmer Vernooij [Sat, 19 Jun 2010 23:43:51 +0000 (01:43 +0200)]
Move convert_to_openldap onto Schema class.
Jelmer Vernooij [Sat, 19 Jun 2010 23:56:52 +0000 (01:56 +0200)]
Formatting cleanups; use True/False for booleans, unnecessary backslashes, spacing.
Jelmer Vernooij [Sat, 19 Jun 2010 23:37:06 +0000 (01:37 +0200)]
Move a few more samdb-specific methods to SamDB, away from Ldb.
Jelmer Vernooij [Sat, 19 Jun 2010 23:28:39 +0000 (01:28 +0200)]
samdb: Fix formatting, move get_oid_from_attid from Ldb to SamDB.
Jelmer Vernooij [Sat, 19 Jun 2010 23:26:23 +0000 (01:26 +0200)]
s4-python: Remove trivial function, replace by dictionary.
Lukasz Zalewski [Sun, 13 Jun 2010 10:02:44 +0000 (11:02 +0100)]
make test modules for net group set of commands and modification to the newuser to include additional parameters
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Lukasz Zalewski [Tue, 8 Jun 2010 19:33:56 +0000 (20:33 +0100)]
Modifications extending functionality of newuser cmd and new net group set of commands for group related operations on ldb
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Lukasz Zalewski [Mon, 7 Jun 2010 16:10:28 +0000 (17:10 +0100)]
Modifications extending functionality of newuser cmd and new net group set of commands for group related operations on ldb
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Wed, 16 Jun 2010 07:25:19 +0000 (11:25 +0400)]
s4 upgradeprovision: Make grouped commit / rollback more resistant to unexpected problems
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 14 Jun 2010 08:28:58 +0000 (12:28 +0400)]
s4 upgradeprovision: Check that the policy for DC is present if not warn the user
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Sun, 13 Jun 2010 22:14:48 +0000 (02:14 +0400)]
s4 upgradeprovision: Emit message instead of crashing when not able to set acl
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Sun, 13 Jun 2010 21:50:47 +0000 (01:50 +0400)]
s4 upgradeprovision: add an option to force the rebuilding of FS ACLs on sysvols share
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Tue, 15 Jun 2010 08:53:18 +0000 (12:53 +0400)]
s4 unittests: add unit tests for upgradehelpers
The functions tested are:
* construct_existor_expr
* search_constructed_attrs_stored
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Tue, 15 Jun 2010 08:50:29 +0000 (12:50 +0400)]
s4 upgradeprovision: Add function for searching stored constructed attributes
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 14 Jun 2010 22:41:18 +0000 (02:41 +0400)]
s4: Using control bypassoperational allow the logic of this module to be bypassed for some given attributes
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 14 Jun 2010 22:23:11 +0000 (02:23 +0400)]
ldb: add a new control bypassioperationnal
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Tue, 15 Jun 2010 19:41:39 +0000 (23:41 +0400)]
s4 upgradeprovision: additional restyling
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Wed, 9 Jun 2010 21:00:43 +0000 (01:00 +0400)]
s4 upgradeprovision: Restyle imports
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 7 Jun 2010 20:01:16 +0000 (00:01 +0400)]
s4 upgradeprovision: Move functions to helpers and improve code
Among code improvement the most significant part is that we now
compare DN object instead of their string representation. It allow
to better react to case an white space difference.
Some new move objects have been added (ie. System into well known
security principals).
This will allow more unittesting
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Fri, 7 May 2010 00:22:36 +0000 (04:22 +0400)]
s4 python: Update unit tests related to create secrets
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 24 May 2010 05:41:44 +0000 (09:41 +0400)]
s4: Add comments about setup_secrets
Comments are to inform people that this function should not handle
transaction within the function as it is mainly used in provision and
that we want to commit secrets only if all the action on secrets have
worked.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Fri, 7 May 2010 12:26:26 +0000 (16:26 +0400)]
s4 upgradeprovision: Add documentation on the update process
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 3 May 2010 20:01:00 +0000 (00:01 +0400)]
s4 python: Add unit tests for upgradeprovision related stuff
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 7 Jun 2010 20:52:25 +0000 (00:52 +0400)]
s4 upgradeprovision: move some functions to upgradehelpers for unit tests
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 7 Jun 2010 21:13:45 +0000 (01:13 +0400)]
s4 upgradeprovision: Fix style
reformat *_update_samdb functions
fix_partition_sd
rebuild_sd
update_samdb
update_privilege
update_machine_account_password
update_gpo
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 7 Jun 2010 12:27:48 +0000 (16:27 +0400)]
s4 upgradeprovision: Use replPropertyMetaData for better guess
Rework upgradeprovision in order to get more precise updates when doing upgrade provision.
This is done through the use of replPropertyMetaData information and raw information revealed by the
"reveal" control.
The code has been changed also to avoid double free error when changing the schema (for old provision).
Checking of SD is done a bit more cleverly as we compare the different parts for an ACL separately.
Fix logic when upgrading provision without replPropertyMetaData infos
Also for old provision (pre alpha9) do not copy the usn range because data here will be wrong
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 7 Jun 2010 19:47:43 +0000 (23:47 +0400)]
s4 upgradeprovision: Reformat attributes lists and reformat parser
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Thu, 8 Apr 2010 22:55:38 +0000 (02:55 +0400)]
s4 upgradeprovision: Inform about new dns dynamic update if the provision didn't have it
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 7 Jun 2010 20:21:48 +0000 (00:21 +0400)]
s4 upgradeprovision: fix style
add_deletedobj_containers
add missing objects
clean add-mising
handle special add + dump denied
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Sun, 2 May 2010 15:56:03 +0000 (19:56 +0400)]
s4 upgrade provision: Refactor code to do all the modification within 1 transaction
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Mon, 7 Jun 2010 20:21:00 +0000 (00:21 +0400)]
s4 upgrade provision: Fix style in gen_dn_index
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Sun, 2 May 2010 15:56:31 +0000 (19:56 +0400)]
s4 Add functions related to ldb manipulation when doing upgrade
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Matthieu Patou [Thu, 22 Apr 2010 08:53:12 +0000 (12:53 +0400)]
s4 provision: Add information about provisioned usn range in sam.ldb
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
Jelmer Vernooij [Sat, 19 Jun 2010 16:58:18 +0000 (18:58 +0200)]
python: Use samba.tests.TestCase, make sure base class tearDown and
setUp methods are called, fix formatting.
Jelmer Vernooij [Sat, 19 Jun 2010 16:57:35 +0000 (18:57 +0200)]
acl: Clean up formatting, use samba.tests.TestCase.
Jelmer Vernooij [Sat, 19 Jun 2010 16:57:13 +0000 (18:57 +0200)]
pyrpc: Fix reference counting when using secondary connections.
Jelmer Vernooij [Sat, 19 Jun 2010 15:49:46 +0000 (17:49 +0200)]
samba.tests.samba3: Clean up imports, use new TestCase class.
Jelmer Vernooij [Sat, 19 Jun 2010 15:49:15 +0000 (17:49 +0200)]
ntacls: Raise TestSkipped rather than writing to stdout.
Jelmer Vernooij [Sat, 19 Jun 2010 15:48:37 +0000 (17:48 +0200)]
python/passwords: Clean up imports.
Jelmer Vernooij [Sat, 19 Jun 2010 15:48:05 +0000 (17:48 +0200)]
samba.tests: Provide TestCase and TestSkipped classes (from testtools) for convenience.
Jelmer Vernooij [Sat, 19 Jun 2010 15:46:57 +0000 (17:46 +0200)]
pytdb: Cleanup formatting.
Jelmer Vernooij [Sat, 19 Jun 2010 15:32:01 +0000 (17:32 +0200)]
dsdb_schema_info: Clean up imports, avoid using rpc test case for
non-RPC tests.
Jelmer Vernooij [Sat, 19 Jun 2010 15:27:50 +0000 (17:27 +0200)]
python: Remove unnecessary Ldb.set_invocation_id - use SamDB.set_invocation_id instead.
Jelmer Vernooij [Sat, 19 Jun 2010 15:23:41 +0000 (17:23 +0200)]
pyglue: Trim dependencies.
Jelmer Vernooij [Sat, 19 Jun 2010 15:19:48 +0000 (17:19 +0200)]
pyglue: Remove unused code.
Jelmer Vernooij [Sat, 19 Jun 2010 15:15:26 +0000 (17:15 +0200)]
pydsdb: Move write_prefixes_from_schema_to_ldb to pydsdb from pyglue.
Jelmer Vernooij [Sat, 19 Jun 2010 15:09:52 +0000 (17:09 +0200)]
pydsdb: Move dsdb_set_schema_from_ldb to pydsdb.
Jelmer Vernooij [Sat, 19 Jun 2010 14:52:09 +0000 (16:52 +0200)]
pydsdb: Move set_schema_from_ldif function to pydsdb from pyglue.
Brendan Powers [Tue, 25 May 2010 20:14:37 +0000 (16:14 -0400)]
libcli: Fixed a segfault in security_acl_dup when the acl is NULL.
This can happen when duplicating a security descriptor that is missing either sacls or dacls.
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Stefan Metzmacher [Fri, 30 Apr 2010 16:47:44 +0000 (18:47 +0200)]
s4:provision: don't use hardcoded 'Default-First-Site-Name'
metze
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Matthias Dieter Wallnöfer [Sat, 19 Jun 2010 17:33:16 +0000 (19:33 +0200)]
s4:instancetype LDB module - "instanceType" is single-valued - MS-ADTS 3.1.1.5.2.2
Matthias Dieter Wallnöfer [Thu, 17 Jun 2010 13:39:06 +0000 (15:39 +0200)]
s4:torture/ldap/basic.c - add more error code/messages tests
And now we do match at least the LDAP error code (the WERROR one does still
differ from Windows - we will see how to change that).
Matthias Dieter Wallnöfer [Sat, 19 Jun 2010 12:58:31 +0000 (14:58 +0200)]
s4:ldap_backend.c - more customisations to match Windows Server error behaviour on renames
Matthias Dieter Wallnöfer [Sat, 19 Jun 2010 12:49:23 +0000 (14:49 +0200)]
ldb:ldb_dn.c - don't support "ldb_dn_add_child" on a "" parent DN
It's meaningless and could end in DNs as "cn=child,".
Matthias Dieter Wallnöfer [Fri, 18 Jun 2010 20:20:22 +0000 (22:20 +0200)]
s4:python/samba/__init__.py - now specify the "relax" control for the delete operation before the provision
Matthias Dieter Wallnöfer [Fri, 18 Jun 2010 20:17:54 +0000 (22:17 +0200)]
ldb:api.py - add a small test for the enhanced "py_ldb_delete" syntax
Matthias Dieter Wallnöfer [Fri, 18 Jun 2010 20:08:58 +0000 (22:08 +0200)]
ldb:python bindings - some small cleanup & improvements in "py_ldb_add"
Also to make it similar to "py_ldb_delete".