Michael Adam [Wed, 18 Sep 2013 01:19:58 +0000 (03:19 +0200)]
net: implement "net idmap delete ranges"
Inspired by a patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 18 Sep 2013 01:04:52 +0000 (03:04 +0200)]
idmap_autorid: add idmap_autorid_delete_domain_ranges()
This uses the new idmap_autorid_iterate_domain_ranges() function.
Based on earlier patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 18 Sep 2013 00:39:51 +0000 (02:39 +0200)]
net: add "net idmap get ranges" operation for autorid
Implemented usint the idmap_autorid_iterate_domain_ranges_read() function.
Based on earlier patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 17 Sep 2013 23:54:58 +0000 (01:54 +0200)]
idmap_autorid: add idmap_autorid_iterate_domain_ranges[_read]()
Functions to perform an action on all domain range mappings for
a given domain, specified by the domain sid.
Inspired by a previous patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 12 Sep 2013 11:45:22 +0000 (13:45 +0200)]
net: implement "net idmap delete range"
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 12 Sep 2013 21:59:15 +0000 (23:59 +0200)]
idmap_autorid: add idmap_autorid_delete_range_by_num()
query and delete a mapping specified by the range number.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 12 Sep 2013 11:44:53 +0000 (13:44 +0200)]
idmap_autorid: add idmap_autorid_delete_range_by_sid()
Delete a range mapping as specified by domain SID and range index.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Sun, 15 Sep 2013 09:58:02 +0000 (11:58 +0200)]
idmap_autorid: add idmap_autorid_build_keystr_talloc()
talloc version of idmap_autorid_build_keystr()
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 12 Sep 2013 05:37:17 +0000 (07:37 +0200)]
idmap_autorid: extend idmap_autorid_addrange to allow to set mappings below the HWM
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 10 Sep 2013 23:05:02 +0000 (01:05 +0200)]
net: implement "net idmap get range"
get the range for a domain sid and range index.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 10 Sep 2013 11:35:56 +0000 (13:35 +0200)]
idmap_autorid: improve clarity of idmap_autorid_addrange_action() by adding mem_ctx.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 9 Sep 2013 14:09:52 +0000 (16:09 +0200)]
net: add "net idmap set range" (for autorid backend)
This lets the admin store a range for a domain/index pair.
Call syntax is:
net idmap set range <RANGE> <DOMSID> [<INDEX>]
INDEX defaults to 0.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Atul Kulkarni [Mon, 12 Aug 2013 07:39:31 +0000 (13:09 +0530)]
net: add "net idmap get config" to read the autorid config from the database
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 9 Sep 2013 23:53:14 +0000 (01:53 +0200)]
net: add "net idmap get" command
This has no subcommands yet and is added in preparation of adding some.
Signed-off-by: Michael Adam <obnox@samba.org>
Atul Kulkarni [Mon, 9 Sep 2013 23:47:46 +0000 (01:47 +0200)]
net: add "net idmap set config" command to store the autorid global config
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 9 Sep 2013 23:45:52 +0000 (01:45 +0200)]
idmap_autorid: add idmap_autorid_saveconfigstr()
Store a configuration as provided by a config string
after parsing and validating the string.
Based on similar patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Atul Kulkarni [Mon, 9 Sep 2013 23:19:52 +0000 (01:19 +0200)]
net: add new function net_idmap_opendb_autorid()
This checks the backend is autorid, and opens the db if so.
If readonly == true, the DB is simply opened for reading.
If readonly == false, the DB is created if necessary and
initialized with HWMs.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 9 Sep 2013 23:19:05 +0000 (01:19 +0200)]
net: rename "idmap_dump_ctx" to "net_idmap_ctx".
This started specific, but is now generic.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 9 Sep 2013 15:30:32 +0000 (17:30 +0200)]
net: move the "net idmap delete" functionality to subcommand "net idmap delete mapping"
This is in preparation of adding more types of entries to delete...
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 9 Sep 2013 15:13:47 +0000 (17:13 +0200)]
net: add the "net idmap set secret" subcommand as alias for "net idmap secret"
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Fri, 6 Sep 2013 16:01:20 +0000 (18:01 +0200)]
net: move the "net idmap set" functionality to subcommand "net idmap set mapping"
This is in preparation of adding more "net idmap set" subcommands for the autorid backend.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Fri, 6 Sep 2013 15:48:40 +0000 (17:48 +0200)]
net: rename "net idmap setmap" to "net idmap set"
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 9 Sep 2013 14:58:42 +0000 (16:58 +0200)]
net: improve help text for "net idmap restore"
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Mon, 9 Sep 2013 14:58:05 +0000 (16:58 +0200)]
net: improve help text for "net idmap dump"
With idmap autorid "dump ID mappings" is not precise enough any more.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 5 Sep 2013 12:53:11 +0000 (14:53 +0200)]
idmap_autorid: add a comment explaining idmap_autorid_saveconfig()
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 5 Sep 2013 12:48:28 +0000 (14:48 +0200)]
idmap_autorid: add a comment explaining idmap_autorid_loadconfig()
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 5 Sep 2013 12:47:43 +0000 (14:47 +0200)]
idmap_autorid: add a comment explaining idmap_autorid_db_init()
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 5 Sep 2013 12:45:29 +0000 (14:45 +0200)]
idmap_autorid: add a comment explaining idmap_autorid_init_hwm()
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Thu, 5 Sep 2013 12:43:26 +0000 (14:43 +0200)]
idmap_autorid: add a comment explaining idmap_autorid_get_domainrange()
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 4 Sep 2013 11:29:56 +0000 (13:29 +0200)]
idmap_autorid: Don't use db as a temporary talloc context.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 4 Sep 2013 11:13:15 +0000 (13:13 +0200)]
idmap_autorid: improve two debug messages by printing NT error codes
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 4 Sep 2013 11:11:28 +0000 (13:11 +0200)]
idmap_autorid: fix a debug message in idmap_autorid_addrange()
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 4 Sep 2013 15:49:36 +0000 (17:49 +0200)]
idmap_autorid: for clarity, add a wrapper idmap_autorid_acquire_range() to idmap_autorid_addrange()
This one calls into the HWM bumping acquire code path.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Michael Adam [Wed, 4 Sep 2013 15:43:28 +0000 (17:43 +0200)]
idmap_autorid: add new function idmap_autorid_setrange()
This allows to directly set a range for a domsid#index pair.
It fails if a stored range is found which is different from
the requested one.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Michael Adam [Fri, 30 Aug 2013 13:19:28 +0000 (18:49 +0530)]
idmap_autorid: factor out domain range adding code into a separate function
This also adds a new mode to the new idmap_autorid_addrange() function
that allows to set a provided range if the range is available, instead
of the original only mode of automatically allocating a new range
by incrementing the HWM counter.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Michael Adam [Tue, 10 Sep 2013 23:04:13 +0000 (01:04 +0200)]
idmap_autorid: add idmap_autorid_getrange()
Wrapper to idmap_autorid_getrange_int().
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Sun, 15 Sep 2013 11:07:21 +0000 (13:07 +0200)]
idmap_autorid: improve a debug message in idmap_autorid_getrange_int()
Add output of status code.
Signed-off-by: Michael Adam <obnox@samba.org>
Atul Kulkarni [Fri, 30 Aug 2013 10:48:39 +0000 (16:18 +0530)]
idmap_autorid: factor out domain range fetching part from idmap_autorid_get_domainrange()
Fatored out read-only function idmap_autorid_getrange() will be used elsewhere.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Fri, 30 Aug 2013 15:31:16 +0000 (17:31 +0200)]
idmap_autorid: factor building of the keystr into a function
to avoid code duplication.
Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Atul Kulkarni [Fri, 30 Aug 2013 08:19:10 +0000 (13:49 +0530)]
idmap_autorid: remove fstring keystr from autorid_range_config
This is just used to change the behaviour of the function.
Making it more suitable to be used at other places.
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Atul Kulkarni [Fri, 30 Aug 2013 08:05:49 +0000 (13:35 +0530)]
idmap_autorid: remove autorid_global_config member from autorid_range_config
global config is not part of range config.
By removing this, autorid_range_config becomes more suitable
for using it elsewhere.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 10 Sep 2013 16:27:46 +0000 (18:27 +0200)]
idmap_autorid: improve idmap_autorid_saveconfig() by adding a talloc stackframe
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Atul Kulkarni [Wed, 28 Aug 2013 15:19:30 +0000 (17:19 +0200)]
idmap_autorid: move the checks from idmap_autorid_initialize to idmap_autorid_saveconfig()
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Atul Kulkarni [Wed, 28 Aug 2013 15:00:56 +0000 (17:00 +0200)]
idmap_autorid: add parameter checks to idmap_autorid_saveconfig()
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Atul Kulkarni [Wed, 28 Aug 2013 14:12:58 +0000 (16:12 +0200)]
idmap_autorid: improve implementation of idmap_autorid_parse_configstr()
This new implementation is more generous. It can cope with multiple spaces.
It can also print more precise error messages, when the input string is not
valid.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 10 Sep 2013 16:07:15 +0000 (18:07 +0200)]
idmap_autorid: change idmap_autorid_loadconfig() to return NTSTATUS
for better error propagation.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Michael Adam [Wed, 28 Aug 2013 13:29:37 +0000 (15:29 +0200)]
idmap_autorid: refactor idmap_autorid_parse_configstr() out of idmap_autorid_loadconfig()
This will be used for other purposes as well.
Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Michael Adam [Tue, 10 Sep 2013 11:43:15 +0000 (13:43 +0200)]
idmap_autorid: rename TALLOC_CTX argument of idmap_autorid_loadconfig() to mem_ctx
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 28 Aug 2013 12:32:19 +0000 (14:32 +0200)]
idmap_autorid: refactor idmap_autorid_loadconfig to use idmap_config_getconfigstr
Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Michael Adam [Wed, 28 Aug 2013 12:20:13 +0000 (14:20 +0200)]
idmap_autorid_tdb: add idmap_autorid_getconfigstr()
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Atul Kulkarni [Wed, 28 Aug 2013 07:49:27 +0000 (13:19 +0530)]
idmap_autorid: extract common code to separate file
This is in preparation of adding "net idmap autorid" functionality.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Wed, 28 Aug 2013 13:07:44 +0000 (15:07 +0200)]
idmap_autorid: remove the ignore_builtin bool from the global_config struct
The ignore_builtin flag is used only to change the bahaviour of the
daemon code, not in the database.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Atul Kulkarni [Fri, 30 Aug 2013 11:29:01 +0000 (13:29 +0200)]
idmap_autorid: add path, and db parameters to idmap_autorid_db_init()
I preparation of calling this from net for different dbs.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Fri, 30 Aug 2013 11:20:15 +0000 (13:20 +0200)]
idmap_autorid: add a db_context argument to idmap_autorid_init_hwm()
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Michael Adam [Wed, 28 Aug 2013 12:03:33 +0000 (14:03 +0200)]
idmap_autorid: add a db_context argument to idmap_autorid_saveconfig()
Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Michael Adam [Wed, 28 Aug 2013 12:00:24 +0000 (14:00 +0200)]
idmap_autorid: add a db_context argument to idmap_autorid_loadconfig()
Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Michael Adam [Wed, 28 Aug 2013 11:53:22 +0000 (13:53 +0200)]
idmap_autorid: add a db_context argument to idmap_autorid_get_domainrange()
Pair-Programmed-with: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Alistair Leslie-Hughes [Thu, 26 Sep 2013 22:31:00 +0000 (08:31 +1000)]
Stop use after free
Fixes bug #10087
Thanks to Man Min Yan for their analysis and providing a solution to the issue.
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 27 14:29:46 CEST 2013 on sn-devel-104
Andrew Bartlett [Tue, 24 Sep 2013 17:18:36 +0000 (10:18 -0700)]
dsdb: Convert the full string from UTF16 to UTF8, including embedded NULLs
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
Note that this doesn't fix the userParameters problem
completely, but it doesn't truncate the userParameters value
anymore.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Sep 26 22:05:12 CEST 2013 on sn-devel-104
Nadezhda Ivanova [Tue, 24 Sep 2013 17:26:05 +0000 (10:26 -0700)]
s4-openldap: Restored openldap-related options to the provision script
At the moment they are only available if TEST_LDAP=yes to avoid accidental use
as the openldap backend is still failing some tests
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date(master): Thu Sep 26 07:31:05 CEST 2013 on sn-devel-104
Michael Adam [Tue, 24 Sep 2013 18:07:06 +0000 (20:07 +0200)]
build: get rid of vars=locals() in source3/lib/netapi/examples/wscript_build
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Sep 25 00:51:31 CEST 2013 on sn-devel-104
Michael Adam [Tue, 24 Sep 2013 18:06:37 +0000 (20:06 +0200)]
build: get rid of vars=locals() in source3/modules/wscript_build
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Michael Adam [Tue, 24 Sep 2013 18:02:54 +0000 (20:02 +0200)]
build: get rid of source variables and vars=locals() in source3/rpc_server/wscript_build
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Michael Adam [Tue, 24 Sep 2013 03:13:55 +0000 (05:13 +0200)]
build: get rid of source strings from source3/passdb/wscript_build
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Michael Adam [Tue, 24 Sep 2013 03:09:38 +0000 (05:09 +0200)]
build: get rid of source variables and vars=locals() in source3/libgpo/gpext/wscript_build
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Michael Adam [Tue, 24 Sep 2013 03:07:08 +0000 (05:07 +0200)]
build: get rid of vars=locals() in source3/auth/wscript_build
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Michael Adam [Tue, 24 Sep 2013 03:06:22 +0000 (05:06 +0200)]
build: get rid of source-variables in source3/auth/wscript_build
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Michael Adam [Tue, 24 Sep 2013 03:03:32 +0000 (05:03 +0200)]
build: get rid of source file variables in source3/modules/wscript_build
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Andrew Bartlett [Mon, 23 Sep 2013 02:26:50 +0000 (19:26 -0700)]
dbcheck: Add back the elements that were wrongly removed from CN=Deleted Objects
This is the final part of the fix for the issue in Samba 4.1
pre-release tree where we would wrongly delete the Deleted Objects
container during a join.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Sep 24 09:31:37 CEST 2013 on sn-devel-104
Andrew Bartlett [Mon, 23 Sep 2013 02:26:10 +0000 (19:26 -0700)]
pydsdb: Raise a more useful exception when dsdb_wellknown_dn fails.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andrew Bartlett [Mon, 23 Sep 2013 00:45:01 +0000 (17:45 -0700)]
pydsdb: Give KeyError when we fail a schema lookup in python
This allows sensible exception handling.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Andrew Bartlett [Mon, 23 Sep 2013 00:07:22 +0000 (17:07 -0700)]
dbcheck: Ensure to always increase the error_count
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 17 Sep 2013 17:10:48 +0000 (19:10 +0200)]
libsmbconf:registry: add "state directory" to the list of forbidden parameters
At the time when the registry configuration was introduced,
the registry database file was placed in the "lock directory".
So the "lock directory" was added to the list of parameters
that may not be changed in the registry configuration
(because the next config reload would then load a different
registry and drop all the original seetings).
Later, "state directory" and "cache directory" were introduced,
both defaulting to "lock directory". And the registry's location
was changed to "state directory".
It slipped my attention that the forbidden parameters for the
should have been adapted at the time.
So this patch adds "state directory" to the list.
It keeps the lock directory, to catch the case
where the state directory is not explicitly set, hence
defaulting to the "lock directory".
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 01:03:41 +0000 (03:03 +0200)]
selftest: include "state directory" in invalid parameters in registry roundtrip test
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sat, 21 Sep 2013 20:38:31 +0000 (22:38 +0200)]
selftest: add "state directory" to the forbidden parameters test in net conf
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sat, 21 Sep 2013 20:34:31 +0000 (22:34 +0200)]
selftest: add regression test for setting invalid parameters in registry config via "net [rpc] conf"
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 01:06:12 +0000 (03:06 +0200)]
selftest: update SED_INVALID_PARAMS in the registry.roundtrip test
and add an explaining comment.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 01:02:51 +0000 (03:02 +0200)]
selftest: remove unused variables (copy'n'paste...) from test_net_conf.sh
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 08:00:55 +0000 (10:00 +0200)]
s3:net conf: add the same parameter checks to "setparm" as in "net rpc conf".
In "net rpc conf" these checks are necessary, since the that command
uses the plain rpc-registry interface at this moment, and so unfortunately
it has to duplicate the checks from the smbconf library.
Since "net conf" uses the registry, these checks are not necessary in
this command. I add them nonetheless to make the output more similar
to "net rpc conf". It is also a little more user friendy than just
printing "INVALID_PARAMETER" as handed back from libsmbconf.
Implement these checks by calling the new net_conf_param_valid() function.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Tue, 24 Sep 2013 04:43:03 +0000 (06:43 +0200)]
s3:net: check for GLOBAL_NAME net_conf_param_valid()
instead of checking for literal "global"
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Tue, 24 Sep 2013 04:38:09 +0000 (06:38 +0200)]
s3:net rpc conf: factor validation of parameter out for re-use.
This goes into a new module net_conf_util to be shared
between net conf and net rpc conf.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 07:59:19 +0000 (09:59 +0200)]
s3:net rpc conf: rename canon_valname->canon_param_name for clarity in setparm.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 07:11:55 +0000 (09:11 +0200)]
s3:net rpc conf: setparm: introduce variables service_name, param_name, valstr for clarity
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 06:26:47 +0000 (08:26 +0200)]
s3:net rpc conf: reorganize the validity check and canonicalization of the input in "setparm"
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 06:54:30 +0000 (08:54 +0200)]
libsmbconf:registry: clarify the appearance of "includes" in forbidden_names
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 06:47:14 +0000 (08:47 +0200)]
libsmbconf:registry: reorganize the validity check and canonicalization of the input in "setparm"
- first check that the name is an smbconf parameter
- then check that the parameter is allowed in the registry config
- then check that a global parameter is not to be set in a service section
- then canonicalize the parameter and value name, thereby checking that the
value has valid format
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 05:51:05 +0000 (07:51 +0200)]
s3:net rpc conf: print the provided parameter name on error, not the canonicalized one
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 01:45:28 +0000 (03:45 +0200)]
s3:net rpc conf: remove the (now) unused rpc_conf_reg_valname_forbidden()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 01:44:58 +0000 (03:44 +0200)]
s3:net rpc conf: use the published smbconf_reg_parameter_is_valid()
Instead of the duplicated rpc_conf_reg_valname_forbidden()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 08:27:38 +0000 (10:27 +0200)]
libsmbconf:registry: publish smbconf_reg_parameter_is_valid()
So that this does not need to be duplicated..
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Michael Adam [Sun, 22 Sep 2013 01:39:48 +0000 (03:39 +0200)]
libsmbconf:registry: rework smbconf_reg_parameter_forbidden(), renaming it.
The logic is inverted, the lp_parameter_is_invalid call of
smbconf_reg_valname_valid() is included, and the function
is renamed to smbconf_reg_parameter_is_valid().
Use the new function everywhere in smbconf registry backend.
And remove corresponding reverse function smbconf_reg_valname_valid().
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Howard Chu [Thu, 19 Sep 2013 17:41:16 +0000 (10:41 -0700)]
Fix DN RDN case in partition names
Move fix_dn from extended_dn_out.c to util.c
Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date(master): Tue Sep 24 07:43:39 CEST 2013 on sn-devel-104
Howard Chu [Thu, 19 Sep 2013 17:41:02 +0000 (10:41 -0700)]
Fix entryCSN format
Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Nadezhda Ivanova [Wed, 18 Sep 2013 22:31:24 +0000 (15:31 -0700)]
s4-openldap: Remove use of talloc_reference in ldb_map_outbound.c
Instead of referencing the values array of the element to the new element, copy them, to
avoid use of talloc_reference and remove a warning of talloc_steal with reference.
The issue is only relevant when openldap backend is used.
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Nadezhda Ivanova [Sun, 22 Sep 2013 18:24:57 +0000 (11:24 -0700)]
s4-openldap: Added an -H option to delegation script
Also calling delegation locally without credentials, as this is not really
necessary and causes selftest errors against the openldap backend.
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Howard Chu [Mon, 16 Sep 2013 21:12:42 +0000 (14:12 -0700)]
Drop paged-search from OpenLDAP stack
Unnecessary, waste of time
Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Howard Chu [Wed, 18 Sep 2013 23:50:34 +0000 (16:50 -0700)]
Add LDB_MAP_RENDROP option
Like LDB_MAP_RENAME, but drop the attribute if it occurs in an Add request.
Used for distinguishedName attribute, is read-only and generated but for
some bizarre reason AD allows it in an Add request.
Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Howard Chu [Thu, 19 Sep 2013 00:10:07 +0000 (17:10 -0700)]
Return a couple more attrs by default
Seems to want name and distinguishedName to always be returned.
Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Howard Chu [Thu, 19 Sep 2013 12:52:59 +0000 (05:52 -0700)]
Cleanup start/stop code
teardown was bailing out before stopping slapd.
Use fork/exec to start slapd, just like samba.
Signed-off-by: Howard Chu <hyc@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
Matthieu Patou [Mon, 23 Sep 2013 05:23:51 +0000 (22:23 -0700)]
pidl: Generate wireshark that conforms to the rules of Wireshark project
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 24 02:04:05 CEST 2013 on sn-devel-104