Group: Applications/System
Requires: libtdb >= 0:%{tdb_version}
Requires: libtalloc >= 0:%{talloc_version}
+Requires(post): /sbin/ldconfig
+Requires(postun): /sbin/ldconfig
%description libs
The %{name}-libs package contains the libraries needed by programs
that use SMB, RPC and other Samba provided protocols in python programs/
%package devel
-Summary: Developor tools for Samba libraries
+Summary: Developer tools for Samba libraries
Group: Development/Libraries
Requires: %{name}-libs = %{epoch}:%{version}-%{release}
$(DESTDIR)$(modulesdir) \
$(DESTDIR)$(mandir) \
$(DESTDIR)$(localstatedir) \
+ $(DESTDIR)$(localstatedir)/lib \
+ $(DESTDIR)$(localstatedir)/run \
$(DESTDIR)$(privatedir) \
$(DESTDIR)$(datadir) \
$(DESTDIR)$(piddir) \
$(DESTDIR)$(privatedir)/tls \
$(DESTDIR)$(includedir) \
$(DESTDIR)$(PKGCONFIGDIR) \
- $(DESTDIR)$(sysconfdir) \
+ $(DESTDIR)$(sysconfdir)
installbin:: $(SBIN_PROGS) $(BIN_PROGS) $(TORTURE_PROGS) installdirs
@$(SHELL) $(srcdir)/script/installtorture.sh \
# e.g. SAMBA_VERSION_ALPHA_RELEASE=1 #
# -> "4.0.0alpha1" #
########################################################
-SAMBA_VERSION_ALPHA_RELEASE=5
+SAMBA_VERSION_ALPHA_RELEASE=6
########################################################
# For 'pre' releases the version will be #
# e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes #
# -> "3.0.0-SVN-build-199" #
########################################################
-SAMBA_VERSION_IS_GIT_SNAPSHOT=no
+SAMBA_VERSION_IS_GIT_SNAPSHOT=yes
########################################################
# This is for specifying a release nickname #
r->in.req.req8.replica_flags = rf1->replica_flags;
r->in.req.req8.max_object_count = 133;
r->in.req.req8.max_ndr_size = 1336811;
- r->in.req.req8.unknown4 = 0;
- r->in.req.req8.h1 = 0;
- r->in.req.req8.unique_ptr1 = 0;
- r->in.req.req8.unique_ptr2 = 0;
+ r->in.req.req8.extended_op = DRSUAPI_EXOP_NONE;
+ r->in.req.req8.fsmo_info = 0;
+ r->in.req.req8.partial_attribute_set = NULL;
+ r->in.req.req8.partial_attribute_set_ex = NULL;
r->in.req.req8.mapping_ctr.num_mappings = 0;
r->in.req.req8.mapping_ctr.mappings = NULL;
} else {
r->in.req.req5.replica_flags = rf1->replica_flags;
r->in.req.req5.max_object_count = 133;
r->in.req.req5.max_ndr_size = 1336770;
- r->in.req.req5.unknown4 = 0;
- r->in.req.req5.h1 = 0;
+ r->in.req.req5.extended_op = DRSUAPI_EXOP_NONE;
+ r->in.req.req5.fsmo_info = 0;
}
req = dcerpc_drsuapi_DsGetNCChanges_send(drsuapi->pipe, r, r);
}
if (do_attribute_explicit(attrs, "validFSMOs")) {
- const struct dsdb_schema_fsmo *schema_fsmo;
const struct dsdb_naming_fsmo *naming_fsmo;
const struct dsdb_pdc_fsmo *pdc_fsmo;
const char *dn_str;
- schema_fsmo = talloc_get_type(ldb_get_opaque(module->ldb, "dsdb_schema_fsmo"),
- struct dsdb_schema_fsmo);
- if (schema_fsmo && schema_fsmo->we_are_master) {
+ if (schema && schema->fsmo.we_are_master) {
dn_str = ldb_dn_get_linearized(samdb_schema_dn(module->ldb));
if (dn_str && dn_str[0]) {
if (ldb_msg_add_fmt(msg, "validFSMOs", "%s", dn_str) != 0) {
static int schema_fsmo_init(struct ldb_module *module)
{
- WERROR status;
TALLOC_CTX *mem_ctx;
struct ldb_dn *schema_dn;
struct dsdb_schema *schema;
- struct dsdb_schema_fsmo *schema_fsmo;
struct ldb_result *schema_res;
- const struct ldb_val *prefix_val;
- const struct ldb_val *info_val;
- struct ldb_val info_val_default;
struct ldb_result *a_res;
struct ldb_result *c_res;
- uint32_t i;
+ char *error_string = NULL;
int ret;
static const char *schema_attrs[] = {
"prefixMap",
return LDB_ERR_OPERATIONS_ERROR;
}
- schema_fsmo = talloc_zero(mem_ctx, struct dsdb_schema_fsmo);
- if (!schema_fsmo) {
- ldb_oom(module->ldb);
- return LDB_ERR_OPERATIONS_ERROR;
- }
- module->private_data = schema_fsmo;
-
- schema = dsdb_new_schema(mem_ctx, lp_iconv_convenience(ldb_get_opaque(module->ldb, "loadparm")));
- if (!schema) {
- ldb_oom(module->ldb);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
/*
* setup the prefix mappings and schema info
*/
return LDB_ERR_CONSTRAINT_VIOLATION;
}
- prefix_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "prefixMap");
- if (!prefix_val) {
- ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
- "schema_fsmo_init: no prefixMap attribute found");
- talloc_free(mem_ctx);
- return LDB_ERR_CONSTRAINT_VIOLATION;
- }
- info_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "schemaInfo");
- if (!info_val) {
- info_val_default = strhex_to_data_blob("FF0000000000000000000000000000000000000000");
- if (!info_val_default.data) {
- ldb_oom(module->ldb);
- return LDB_ERR_OPERATIONS_ERROR;
- }
- talloc_steal(mem_ctx, info_val_default.data);
- info_val = &info_val_default;
- }
-
- status = dsdb_load_oid_mappings_ldb(schema, prefix_val, info_val);
- if (!W_ERROR_IS_OK(status)) {
- ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
- "schema_fsmo_init: failed to load oid mappings: %s",
- win_errstr(status));
- talloc_free(mem_ctx);
- return LDB_ERR_CONSTRAINT_VIOLATION;
- }
-
/*
* load the attribute definitions
*/
}
talloc_steal(mem_ctx, a_res);
- for (i=0; i < a_res->count; i++) {
- struct dsdb_attribute *sa;
-
- sa = talloc_zero(schema, struct dsdb_attribute);
- if (!sa) {
- ldb_oom(module->ldb);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- status = dsdb_attribute_from_ldb(schema, a_res->msgs[i], sa, sa);
- if (!W_ERROR_IS_OK(status)) {
- ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
- "schema_fsmo_init: failed to load attriute definition: %s:%s",
- ldb_dn_get_linearized(a_res->msgs[i]->dn),
- win_errstr(status));
- talloc_free(mem_ctx);
- return LDB_ERR_CONSTRAINT_VIOLATION;
- }
-
- DLIST_ADD_END(schema->attributes, sa, struct dsdb_attribute *);
- }
- talloc_free(a_res);
-
/*
* load the objectClass definitions
*/
}
talloc_steal(mem_ctx, c_res);
- for (i=0; i < c_res->count; i++) {
- struct dsdb_class *sc;
-
- sc = talloc_zero(schema, struct dsdb_class);
- if (!sc) {
- ldb_oom(module->ldb);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- status = dsdb_class_from_ldb(schema, c_res->msgs[i], sc, sc);
- if (!W_ERROR_IS_OK(status)) {
- ldb_debug_set(module->ldb, LDB_DEBUG_FATAL,
- "schema_fsmo_init: failed to load class definition: %s:%s",
- ldb_dn_get_linearized(c_res->msgs[i]->dn),
- win_errstr(status));
- talloc_free(mem_ctx);
- return LDB_ERR_CONSTRAINT_VIOLATION;
- }
-
- DLIST_ADD_END(schema->classes, sc, struct dsdb_class *);
+ ret = dsdb_schema_from_ldb_results(mem_ctx, module->ldb,
+ lp_iconv_convenience(ldb_get_opaque(module->ldb, "loadparm")),
+ schema_res, a_res, c_res, &schema, &error_string);
+ if (ret != LDB_SUCCESS) {
+ ldb_asprintf_errstring(module->ldb,
+ "schema_fsmo_init: dsdb_schema load failed: %s",
+ error_string);
+ talloc_free(mem_ctx);
+ return ret;
}
- talloc_free(c_res);
-
+
/* dsdb_set_schema() steal schema into the ldb_context */
ret = dsdb_set_schema(module->ldb, schema);
if (ret != LDB_SUCCESS) {
return ret;
}
- schema_fsmo->master_dn = ldb_msg_find_attr_as_dn(module->ldb, schema_fsmo, schema_res->msgs[0], "fSMORoleOwner");
- if (ldb_dn_compare(samdb_ntds_settings_dn(module->ldb), schema_fsmo->master_dn) == 0) {
- schema_fsmo->we_are_master = true;
- } else {
- schema_fsmo->we_are_master = false;
+ talloc_free(mem_ctx);
+ return ldb_next_init(module);
+}
+
+static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req)
+{
+ struct dsdb_schema *schema;
+ const char *attributeID = NULL;
+ const char *governsID = NULL;
+ const char *oid_attr = NULL;
+ const char *oid = NULL;
+ uint32_t id32;
+ WERROR status;
+
+ schema = dsdb_get_schema(module->ldb);
+ if (!schema) {
+ return ldb_next_request(module, req);
+ }
+
+ if (!schema->fsmo.we_are_master) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
+ "schema_fsmo_add: we are not master: reject request\n");
+ return LDB_ERR_UNWILLING_TO_PERFORM;
}
- if (ldb_set_opaque(module->ldb, "dsdb_schema_fsmo", schema_fsmo) != LDB_SUCCESS) {
- ldb_oom(module->ldb);
- return LDB_ERR_OPERATIONS_ERROR;
+ attributeID = samdb_result_string(req->op.add.message, "attributeID", NULL);
+ governsID = samdb_result_string(req->op.add.message, "governsID", NULL);
+
+ if (attributeID) {
+ oid_attr = "attributeID";
+ oid = attributeID;
+ } else if (governsID) {
+ oid_attr = "governsID";
+ oid = governsID;
}
- talloc_steal(module, schema_fsmo);
+ if (!oid) {
+ return ldb_next_request(module, req);
+ }
- ldb_debug(module->ldb, LDB_DEBUG_TRACE,
- "schema_fsmo_init: we are master: %s\n",
- (schema_fsmo->we_are_master?"yes":"no"));
+ status = dsdb_map_oid2int(schema, oid, &id32);
+ if (W_ERROR_IS_OK(status)) {
+ return ldb_next_request(module, req);
+ } else if (!W_ERROR_EQUAL(WERR_DS_NO_MSDS_INTID, status)) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
+ "schema_fsmo_add: failed to map %s[%s]: %s\n",
+ oid_attr, oid, win_errstr(status));
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
- talloc_free(mem_ctx);
- return ldb_next_init(module);
+ status = dsdb_create_prefix_mapping(module->ldb, schema, oid);
+ if (!W_ERROR_IS_OK(status)) {
+ ldb_debug_set(module->ldb, LDB_DEBUG_ERROR,
+ "schema_fsmo_add: failed to create prefix mapping for %s[%s]: %s\n",
+ oid_attr, oid, win_errstr(status));
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+
+ return ldb_next_request(module, req);
}
_PUBLIC_ const struct ldb_module_ops ldb_schema_fsmo_module_ops = {
.name = "schema_fsmo",
- .init_context = schema_fsmo_init
+ .init_context = schema_fsmo_init,
+ .add = schema_fsmo_add
};
struct dsdb_extended_replicated_object *objects;
};
-struct dsdb_schema_fsmo {
- bool we_are_master;
- struct ldb_dn *master_dn;
-};
-
struct dsdb_naming_fsmo {
bool we_are_master;
struct ldb_dn *master_dn;
struct dsdb_attribute *attributes;
struct dsdb_class *classes;
+ struct {
+ bool we_are_master;
+ struct ldb_dn *master_dn;
+ } fsmo;
+
struct smb_iconv_convenience *iconv_convenience;
};
return WERR_DS_NO_MSDS_INTID;
}
+/*
+ * this function is called from within a ldb transaction from the schema_fsmo module
+ */
+WERROR dsdb_create_prefix_mapping(struct ldb_context *ldb, struct dsdb_schema *schema, const char *full_oid)
+{
+ /*
+ * TODO:
+ * - (maybe) read the old prefixMap attribute and parse it
+ *
+ * - recheck the prefix doesn't exist (because the ldb
+ * has maybe a more uptodate value than schem->prefixes
+ *
+ * - calculate a new mapping for the oid prefix of full_oid
+ * - store the new prefixMap attribute
+ *
+ * - (maybe) update schema->prefixes
+ * or
+ * - better find a way to indicate a schema reload,
+ * so that other processes also notice the schema change
+ */
+ return WERR_NOT_SUPPORTED;
+}
+
#define GET_STRING_LDB(msg, attr, mem_ctx, p, elem, strict) do { \
(p)->elem = samdb_result_string(msg, attr, NULL);\
if (strict && (p)->elem == NULL) { \
GET_STRING_LDB(msg, "subClassOf", mem_ctx, obj, subClassOf, true);
- obj->systemAuxiliaryClass = NULL;
-
- obj->auxiliaryClass = NULL;
+ GET_STRING_LIST_LDB(msg, "systemAuxiliaryClass", mem_ctx, obj, systemAuxiliaryClass, false);
+ GET_STRING_LIST_LDB(msg, "auxiliaryClass", mem_ctx, obj, auxiliaryClass, false);
GET_STRING_LIST_LDB(msg, "systemMustContain", mem_ctx, obj, systemMustContain, false);
GET_STRING_LIST_LDB(msg, "systemMayContain", mem_ctx, obj, systemMayContain, false);
return WERR_OK;
}
+#define dsdb_oom(error_string, mem_ctx) *error_string = talloc_asprintf(mem_ctx, "dsdb out of memory at %s:%d\n", __FILE__, __LINE__)
+
+int dsdb_schema_from_ldb_results(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
+ struct smb_iconv_convenience *iconv_convenience,
+ struct ldb_result *schema_res,
+ struct ldb_result *attrs_res, struct ldb_result *objectclass_res,
+ struct dsdb_schema **schema_out,
+ char **error_string)
+{
+ WERROR status;
+ uint32_t i;
+ const struct ldb_val *prefix_val;
+ const struct ldb_val *info_val;
+ struct ldb_val info_val_default;
+ struct dsdb_schema *schema;
+
+ schema = dsdb_new_schema(mem_ctx, iconv_convenience);
+ if (!schema) {
+ dsdb_oom(error_string, mem_ctx);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ prefix_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "prefixMap");
+ if (!prefix_val) {
+ *error_string = talloc_asprintf(mem_ctx,
+ "schema_fsmo_init: no prefixMap attribute found");
+ talloc_free(mem_ctx);
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+ info_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "schemaInfo");
+ if (!info_val) {
+ info_val_default = strhex_to_data_blob("FF0000000000000000000000000000000000000000");
+ if (!info_val_default.data) {
+ dsdb_oom(error_string, mem_ctx);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ talloc_steal(mem_ctx, info_val_default.data);
+ info_val = &info_val_default;
+ }
+
+ status = dsdb_load_oid_mappings_ldb(schema, prefix_val, info_val);
+ if (!W_ERROR_IS_OK(status)) {
+ *error_string = talloc_asprintf(mem_ctx,
+ "schema_fsmo_init: failed to load oid mappings: %s",
+ win_errstr(status));
+ talloc_free(mem_ctx);
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ for (i=0; i < attrs_res->count; i++) {
+ struct dsdb_attribute *sa;
+
+ sa = talloc_zero(schema, struct dsdb_attribute);
+ if (!sa) {
+ dsdb_oom(error_string, mem_ctx);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ status = dsdb_attribute_from_ldb(schema, attrs_res->msgs[i], sa, sa);
+ if (!W_ERROR_IS_OK(status)) {
+ *error_string = talloc_asprintf(mem_ctx,
+ "schema_fsmo_init: failed to load attriute definition: %s:%s",
+ ldb_dn_get_linearized(attrs_res->msgs[i]->dn),
+ win_errstr(status));
+ talloc_free(mem_ctx);
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ DLIST_ADD_END(schema->attributes, sa, struct dsdb_attribute *);
+ }
+
+ for (i=0; i < objectclass_res->count; i++) {
+ struct dsdb_class *sc;
+
+ sc = talloc_zero(schema, struct dsdb_class);
+ if (!sc) {
+ dsdb_oom(error_string, mem_ctx);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ status = dsdb_class_from_ldb(schema, objectclass_res->msgs[i], sc, sc);
+ if (!W_ERROR_IS_OK(status)) {
+ *error_string = talloc_asprintf(mem_ctx,
+ "schema_fsmo_init: failed to load class definition: %s:%s",
+ ldb_dn_get_linearized(objectclass_res->msgs[i]->dn),
+ win_errstr(status));
+ talloc_free(mem_ctx);
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ DLIST_ADD_END(schema->classes, sc, struct dsdb_class *);
+ }
+
+ schema->fsmo.master_dn = ldb_msg_find_attr_as_dn(ldb, schema, schema_res->msgs[0], "fSMORoleOwner");
+ if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), schema->fsmo.master_dn) == 0) {
+ schema->fsmo.we_are_master = true;
+ } else {
+ schema->fsmo.we_are_master = false;
+ }
+
+ DEBUG(5, ("schema_fsmo_init: we are master: %s\n",
+ (schema->fsmo.we_are_master?"yes":"no")));
+
+ *schema_out = schema;
+ return LDB_SUCCESS;
+}
+
+
static const struct {
const char *name;
const char *oid;
schema = dsdb_new_schema(mem_ctx, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")));
+ schema->fsmo.we_are_master = true;
+ schema->fsmo.master_dn = ldb_dn_new_fmt(schema, ldb, "@PROVISION_SCHEMA_MASTER");
+ if (!schema->fsmo.master_dn) {
+ goto nomem;
+ }
+
/*
* load the prefixMap attribute from pf
*/
NT_STATUS_HAVE_NO_MEMORY(local_ctx);
dn = ldb_dn_new(local_ctx, samdb, req->dn);
- VALID_DN_SYNTAX(dn, 1);
+ VALID_DN_SYNTAX(dn, 0);
DEBUG(10, ("ModifyRequest: dn: [%s]\n", req->dn));
ldbtest_OBJ_FILES = $(ldbsrcdir)/tools/ldbtest.o
-################################################
-# Start BINARY oLschema2ldif
-[BINARY::oLschema2ldif]
-INSTALLDIR = BINDIR
-PRIVATE_DEPENDENCIES = \
- LIBLDB_CMDLINE
-# End BINARY oLschema2ldif
-################################################
-
-
-oLschema2ldif_OBJ_FILES = $(addprefix $(ldbsrcdir)/tools/, convert.o oLschema2ldif.o)
-
-MANPAGES += $(ldbsrcdir)/man/oLschema2ldif.1
-
-################################################
-# Start BINARY ad2oLschema
-[BINARY::ad2oLschema]
-INSTALLDIR = BINDIR
-PRIVATE_DEPENDENCIES = \
- LIBLDB_CMDLINE
-# End BINARY ad2oLschema
-################################################
-
-ad2oLschema_OBJ_FILES = $(addprefix $(ldbsrcdir)/tools/, convert.o ad2oLschema.o)
-
-MANPAGES += $(ldbsrcdir)/man/ad2oLschema.1
-
mkinclude tools/config.mk
mkinclude ldb_ildap/config.mk
r->in.req.req8.replica_flags = partition->replica_flags;
r->in.req.req8.max_object_count = 133;
r->in.req.req8.max_ndr_size = 1336811;
- r->in.req.req8.unknown4 = 0;
- r->in.req.req8.h1 = 0;
- r->in.req.req8.unique_ptr1 = 0;
- r->in.req.req8.unique_ptr2 = 0;
+ r->in.req.req8.extended_op = DRSUAPI_EXOP_NONE;
+ r->in.req.req8.fsmo_info = 0;
+ r->in.req.req8.partial_attribute_set = NULL;
+ r->in.req.req8.partial_attribute_set_ex = NULL;
r->in.req.req8.mapping_ctr.num_mappings = 0;
r->in.req.req8.mapping_ctr.mappings = NULL;
} else {
r->in.req.req5.replica_flags = partition->replica_flags;
r->in.req.req5.max_object_count = 133;
r->in.req.req5.max_ndr_size = 1336770;
- r->in.req.req5.unknown4 = 0;
- r->in.req.req5.h1 = 0;
+ r->in.req.req5.extended_op = DRSUAPI_EXOP_NONE;
+ r->in.req.req5.fsmo_info = 0;
}
/*
DRSUAPI_DS_REPLICA_NEIGHBOUR_PARTIAL_ATTRIBUTE_SET = 0x40000000
} drsuapi_DsReplicaNeighbourFlags;
+ typedef [flag(NDR_PAHEX),v1_enum] enum {
+ DRSUAPI_EXOP_NONE = 0x00000000,
+ DRSUAPI_EXOP_FSMO_REQ_ROLE = 0x00000001,
+ DRSUAPI_EXOP_FSMO_RID_ALLOC = 0x00000002,
+ DRSUAPI_EXOP_FSMO_RID_REQ_ROLE = 0x00000003,
+ DRSUAPI_EXOP_FSMO_REQ_PDC = 0x00000004,
+ DRSUAPI_EXOP_FSMO_ABANDON_ROLE = 0x00000005,
+ DRSUAPI_EXOP_REPL_OBJ = 0x00000006,
+ DRSUAPI_EXOP_REPL_SECRET = 0x00000007
+ } drsuapi_DsExtendedOperation;
+
typedef struct {
GUID destination_dsa_guid;
GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
drsuapi_DsReplicaNeighbourFlags replica_flags;
uint32 max_object_count; /* w2k3 uses min(133,max(100,max_object_count)) */
uint32 max_ndr_size; /* w2k3 seems to ignore this */
- uint32 unknown4;
- hyper h1;
+ drsuapi_DsExtendedOperation extended_op;
+ hyper fsmo_info;
} drsuapi_DsGetNCChangesRequest5;
/*
DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs = 0x0009072c
} drsuapi_DsAttributeId;
+ typedef struct {
+ [value(1)] uint32 version;
+ [value(0)] uint32 reserved1;
+ [range(1,0x100000)] uint32 num_attids;
+ [size_is(num_attids)] drsuapi_DsAttributeId attids[];
+ } drsuapi_DsPartialAttributeSet;
+
typedef struct {
GUID destination_dsa_guid;
GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
drsuapi_DsReplicaNeighbourFlags replica_flags;
uint32 max_object_count; /* w2k3 uses min(133,max(100,max_object_count)) */
uint32 max_ndr_size; /* w2k3 seems to ignore this */
- uint32 unknown4;
- hyper h1;
- uint32 unique_ptr1;
- uint32 unique_ptr2;
+ drsuapi_DsExtendedOperation extended_op;
+ hyper fsmo_info;
+ drsuapi_DsPartialAttributeSet *partial_attribute_set;
+ drsuapi_DsPartialAttributeSet *partial_attribute_set_ex;
drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr;
} drsuapi_DsGetNCChangesRequest8;
}
r.in.req.req5.max_object_count = 0;
r.in.req.req5.max_ndr_size = 0;
- r.in.req.req5.unknown4 = 0;
- r.in.req.req5.h1 = 0;
+ r.in.req.req5.extended_op = DRSUAPI_EXOP_NONE;
+ r.in.req.req5.fsmo_info = 0;
break;
case 8:
;
r.in.req.req8.max_object_count = 402;
r.in.req.req8.max_ndr_size = 402116;
- r.in.req.req8.unknown4 = 0;
- r.in.req.req8.h1 = 0;
- r.in.req.req8.unique_ptr1 = 0;
- r.in.req.req8.unique_ptr2 = 0;
+ r.in.req.req8.extended_op = DRSUAPI_EXOP_NONE;
+ r.in.req.req8.fsmo_info = 0;
+ r.in.req.req8.partial_attribute_set = NULL;
+ r.in.req.req8.partial_attribute_set_ex = NULL;
r.in.req.req8.mapping_ctr.num_mappings = 0;
r.in.req.req8.mapping_ctr.mappings = NULL;
;
r.in.req.req5.max_object_count = 133;
r.in.req.req5.max_ndr_size = 1336770;
- r.in.req.req5.unknown4 = 0;
- r.in.req.req5.h1 = 0;
+ r.in.req.req5.extended_op = DRSUAPI_EXOP_NONE;
+ r.in.req.req5.fsmo_info = 0;
break;
case 8:
r.in.req.req8.max_object_count = 402;
r.in.req.req8.max_ndr_size = 402116;
- r.in.req.req8.unknown4 = 0;
- r.in.req.req8.h1 = 0;
- r.in.req.req8.unique_ptr1 = 0;
- r.in.req.req8.unique_ptr2 = 0;
+ r.in.req.req8.extended_op = DRSUAPI_EXOP_NONE;
+ r.in.req.req8.fsmo_info = 0;
+ r.in.req.req8.partial_attribute_set = NULL;
+ r.in.req.req8.partial_attribute_set_ex = NULL;
r.in.req.req8.mapping_ctr.num_mappings = 0;
r.in.req.req8.mapping_ctr.mappings = NULL;
--- /dev/null
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<refentry id="ad2oLschema.1">
+
+<refmeta>
+ <refentrytitle>ad2oLschema</refentrytitle>
+ <manvolnum>1</manvolnum>
+</refmeta>
+
+
+<refnamediv>
+ <refname>ad2oLschema</refname>
+ <refpurpose>Converts AC-like LDAP schemas to OpenLDAP
+ compatible schema files</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+ <cmdsynopsis>
+ <command>ad2oLschema</command>
+ <arg choice="opt">-I INPUT-FILE</arg>
+ <arg choice="opt">-O OUTPUT-FILE</arg>
+ </cmdsynopsis>
+</refsynopsisdiv>
+
+<refsect1>
+ <title>DESCRIPTION</title>
+
+ <para>ad2oLschema is a simple tool that converts AD-like LDIF
+ schema files into OpenLDAP schema files.</para>
+</refsect1>
+
+
+<refsect1>
+ <title>OPTIONS</title>
+
+ <variablelist>
+ <varlistentry>
+ <term>-H url</term>
+ <listitem><para>URL to an LDB or LDAP server with an AD schema to read. </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-I input-file</term> <listitem><para>AD schema
+ to read. If neither this nor -H is specified, the
+ schema file will be read from standard input.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-O output-file</term>
+ <listitem><para>File to write OpenLDAP version of schema to.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect1>
+
+<refsect1>
+ <title>VERSION</title>
+
+ <para>This man page is correct for version 4.0 of the Samba suite.</para>
+</refsect1>
+
+<refsect1>
+ <title>SEE ALSO</title>
+
+ <para>ldb(7), ldbmodify, ldbdel, ldif(5)</para>
+
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para> ldb was written by
+ <ulink url="http://samba.org/~tridge/">Andrew Tridgell</ulink>.
+ ad2oLschema was written by <ulink
+ url="http://samba.org/~abartlet/">Andrew Bartlett</ulink>.
+ </para>
+
+ <para>
+If you wish to report a problem or make a suggestion then please see
+the <ulink url="http://ldb.samba.org/"/> web site for
+current contact and maintainer information.
+ </para>
+
+</refsect1>
+
+</refentry>
#include "includes.h"
#include "ldb_includes.h"
#include "system/locale.h"
-#include "tools/cmdline.h"
-#include "tools/convert.h"
+#include "lib/ldb/tools/cmdline.h"
+#include "utils/schema_convert.h"
#include "param/param.h"
#include "lib/cmdline/popt_common.h"
+#include "dsdb/samdb/samdb.h"
struct schema_conv {
int count;
TALLOC_CTX *mem_ctx,
struct ldb_result **attrs_res)
{
- TALLOC_CTX *local_ctx = talloc_new(mem_ctx);
int ret;
- const char *attrs[] = {
- "lDAPDisplayName",
- "isSingleValued",
- "attributeID",
- "attributeSyntax",
- "description",
- NULL
- };
- if (!local_ctx) {
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
/* Downlaod schema */
ret = ldb_search(ldb, schemadn, LDB_SCOPE_SUBTREE,
"objectClass=attributeSchema",
- attrs, attrs_res);
+ NULL, attrs_res);
if (ret != LDB_SUCCESS) {
printf("Search failed: %s\n", ldb_errstring(ldb));
return LDB_ERR_OPERATIONS_ERROR;
return ret;
}
-static const char *oc_attrs[] = {
- "lDAPDisplayName",
- "mayContain",
- "mustContain",
- "systemMayContain",
- "systemMustContain",
- "objectClassCategory",
- "governsID",
- "description",
- "subClassOf",
- NULL
-};
-
static int fetch_oc_recursive(struct ldb_context *ldb, struct ldb_dn *schemadn,
TALLOC_CTX *mem_ctx,
struct ldb_result *search_from,
"lDAPDisplayname", NULL);
ret = ldb_search_exp_fmt(ldb, mem_ctx, &res,
- schemadn, LDB_SCOPE_SUBTREE, oc_attrs,
+ schemadn, LDB_SCOPE_SUBTREE, NULL,
"(&(&(objectClass=classSchema)(subClassOf=%s))(!(lDAPDisplayName=%s)))",
name, name);
if (ret != LDB_SUCCESS) {
/* Downlaod 'top' */
ret = ldb_search(ldb, schemadn, LDB_SCOPE_SUBTREE,
"(&(objectClass=classSchema)(lDAPDisplayName=top))",
- oc_attrs, &top_res);
+ NULL, &top_res);
if (ret != LDB_SUCCESS) {
printf("Search failed: %s\n", ldb_errstring(ldb));
return LDB_ERR_OPERATIONS_ERROR;
return ret;
}
-static struct ldb_dn *find_schema_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx)
+static struct ldb_dn *find_schema_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
+ struct ldb_result **schema_res)
{
const char *rootdse_attrs[] = {"schemaNamingContext", NULL};
- const char *no_attrs[] = { NULL };
struct ldb_dn *schemadn;
struct ldb_dn *basedn = ldb_dn_new(mem_ctx, ldb, NULL);
struct ldb_result *rootdse_res;
- struct ldb_result *schema_res;
int ldb_ret;
+
if (!basedn) {
return NULL;
}
if (ldb_ret != LDB_SUCCESS) {
ldb_ret = ldb_search(ldb, basedn, LDB_SCOPE_SUBTREE,
"(&(objectClass=dMD)(cn=Schema))",
- no_attrs, &schema_res);
+ NULL, schema_res);
if (ldb_ret) {
printf("cn=Schema Search failed: %s\n", ldb_errstring(ldb));
return NULL;
}
- talloc_steal(mem_ctx, schema_res);
+ talloc_steal(mem_ctx, *schema_res);
- if (schema_res->count != 1) {
+ if ((*schema_res)->count != 1) {
printf("Failed to find rootDSE");
return NULL;
}
- schemadn = talloc_steal(mem_ctx, schema_res->msgs[0]->dn);
- talloc_free(schema_res);
+ schemadn = talloc_steal(mem_ctx, (*schema_res)->msgs[0]->dn);
return schemadn;
}
return NULL;
}
+ ldb_ret = ldb_search(ldb, schemadn, LDB_SCOPE_BASE,
+ "(&(objectClass=dMD)(cn=Schema))",
+ NULL, schema_res);
+ if (ldb_ret) {
+ printf("cn=Schema Search failed: %s\n", ldb_errstring(ldb));
+ return NULL;
+ }
+
+ talloc_steal(mem_ctx, *schema_res);
+
+ if ((*schema_res)->count != 1) {
+ printf("Failed to find rootDSE");
+ return NULL;
+ }
talloc_free(rootdse_res);
return schemadn;
}
+static bool merge_attr_list(TALLOC_CTX *mem_ctx,
+ struct ldb_message_element *attrs, struct ldb_message_element *new_attrs)
+{
+ struct ldb_val *values;
+ if (!new_attrs) {
+ return true;
+ }
+
+ values = talloc_realloc(mem_ctx,
+ attrs->values, struct ldb_val, attrs->num_values + new_attrs->num_values);
+
+ attrs->values = values;
+
+ memcpy(&attrs->values[attrs->num_values], new_attrs->values, sizeof(*new_attrs->values) * new_attrs->num_values);
+ attrs->num_values = attrs->num_values + new_attrs->num_values;
+
+ /* Add sort and unique implementation here */
+
+ return true;
+}
+
+static bool find_aux_classes(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, struct ldb_dn *schema_dn,
+ struct ldb_message_element *aux_class, struct ldb_message_element *must,
+ struct ldb_message_element *sys_must, struct ldb_message_element *may,
+ struct ldb_message_element *sys_may)
+{
+ int i, ret;
+ struct ldb_message *msg;
+ struct ldb_result *res;
+
+ for (i=0; aux_class && i < aux_class->num_values; i++) {
+ ret = ldb_search_exp_fmt(ldb, mem_ctx, &res,
+ schema_dn, LDB_SCOPE_SUBTREE, NULL,
+ "(&(objectClass=classSchema)(lDAPDisplayName=%s))",
+ aux_class->values[i].data);
+ if (ret != LDB_SUCCESS) {
+ return false;
+ }
+
+ msg = res->msgs[0];
+
+ if (!merge_attr_list(mem_ctx, must, ldb_msg_find_element(msg, "mustContain"))) {
+ return false;
+ }
+ if (!merge_attr_list(mem_ctx, sys_must, ldb_msg_find_element(msg, "systemMustContain"))) {
+ return false;
+ }
+ if (!merge_attr_list(mem_ctx, may, ldb_msg_find_element(msg, "mayContain"))) {
+ return false;
+ }
+ if (!merge_attr_list(mem_ctx, sys_may, ldb_msg_find_element(msg, "systemMayContain"))) {
+ return false;
+ }
+
+
+ if (res->count == 0) {
+ return false;
+ }
+
+ if (!find_aux_classes(mem_ctx, ldb, schema_dn,
+ ldb_msg_find_element(msg, "auxiliaryClass"), must, sys_must, may, sys_may)) {
+ return false;
+ }
+ if (!find_aux_classes(mem_ctx, ldb, schema_dn,
+ ldb_msg_find_element(msg, "systemAuxiliaryClass"), must, sys_must, may, sys_may)) {
+ return false;
+ }
+ }
+ return true;
+}
+
+
#define IF_NULL_FAIL_RET(x) do { \
if (!x) { \
ret.failures++; \
char *new_attr;
} *attr_map = NULL;
int num_attr_maps = 0;
- struct ldb_result *attrs_res, *objectclasses_res;
+ struct ldb_result *schema_res, *attrs_res, *objectclasses_res;
struct ldb_dn *schemadn;
struct schema_conv ret;
+ struct dsdb_schema *schema;
+ char *error_string;
int ldb_ret, i;
}
}
- schemadn = find_schema_dn(ldb, mem_ctx);
+ schemadn = find_schema_dn(ldb, mem_ctx, &schema_res);
if (!schemadn) {
printf("Failed to find schema DN: %s\n", ldb_errstring(ldb));
ret.failures = 1;
ret.failures = 1;
return ret;
}
+
+
+ ldb_ret = fetch_objectclass_schema(ldb, schemadn, mem_ctx, &objectclasses_res);
+ if (ldb_ret != LDB_SUCCESS) {
+ printf("Failed to fetch objectClass schema elements: %s\n", ldb_errstring(ldb));
+ ret.failures = 1;
+ return ret;
+ }
+ ldb_ret = dsdb_schema_from_ldb_results(mem_ctx, ldb,
+ lp_iconv_convenience(cmdline_lp_ctx),
+ schema_res, attrs_res, objectclasses_res, &schema, &error_string);
+ if (ldb_ret != LDB_SUCCESS) {
+ printf("Failed to load schema: %s\n", error_string);
+ ret.failures = 1;
+ return ret;
+ }
+
switch (target) {
case TARGET_OPENLDAP:
break;
ret.count++;
}
- ldb_ret = fetch_objectclass_schema(ldb, schemadn, mem_ctx, &objectclasses_res);
- if (ldb_ret != LDB_SUCCESS) {
- printf("Failed to fetch objectClass schema elements: %s\n", ldb_errstring(ldb));
- ret.failures = 1;
- return ret;
- }
-
for (i=0; i < objectclasses_res->count; i++) {
struct ldb_message *msg = objectclasses_res->msgs[i];
const char *name = ldb_msg_find_attr_as_string(msg, "lDAPDisplayName", NULL);
struct ldb_message_element *sys_must = ldb_msg_find_element(msg, "systemMustContain");
struct ldb_message_element *may = ldb_msg_find_element(msg, "mayContain");
struct ldb_message_element *sys_may = ldb_msg_find_element(msg, "systemMayContain");
+ struct ldb_message_element *aux_class = ldb_msg_find_element(msg, "auxiliaryClass");
+ struct ldb_message_element *sys_aux_class = ldb_msg_find_element(msg, "systemAuxiliaryClass");
char *schema_entry = NULL;
int j;
continue;
}
+ if (must == NULL) {
+ must = talloc_zero(mem_ctx, struct ldb_message_element);
+ }
+
+ if (may == NULL) {
+ may = talloc_zero(mem_ctx, struct ldb_message_element);
+ }
+
+ if (sys_must == NULL) {
+ sys_must = talloc_zero(mem_ctx, struct ldb_message_element);
+ }
+
+ if (sys_may == NULL) {
+ sys_may = talloc_zero(mem_ctx, struct ldb_message_element);
+ }
+
+ if (!find_aux_classes(mem_ctx, ldb, schemadn, aux_class, must, sys_must, may, sys_may)) {
+ ret.failures++;
+ continue;
+ }
+
+ if (!find_aux_classes(mem_ctx, ldb, schemadn, sys_aux_class, must, sys_must, may, sys_may)) {
+ ret.failures++;
+ continue;
+ }
+
/* We might have been asked to remap this oid, due to a conflict */
for (j=0; oid_map && oid_map[j].old_oid; j++) {
if (strcasecmp(oid, oid_map[j].old_oid) == 0) {
} \
} while (0)
- if (must || sys_must) {
+ if ((must && must->values) || (sys_must && sys_must->values)) {
schema_entry = talloc_asprintf_append(schema_entry,
" MUST (");
IF_NULL_FAIL_RET(schema_entry);
APPEND_ATTRS(must);
- if (must && sys_must) {
+ if (must && must->values && sys_must && sys_must->values) {
schema_entry = talloc_asprintf_append(schema_entry, \
" $"); \
}
IF_NULL_FAIL_RET(schema_entry);
}
- if (may || sys_may) {
+ if ((may && may->values) || (sys_may && sys_may->values)) {
schema_entry = talloc_asprintf_append(schema_entry,
" MAY (");
IF_NULL_FAIL_RET(schema_entry);
APPEND_ATTRS(may);
- if (may && sys_may) {
+ if (may && may->values && sys_may && sys_may->values) {
schema_entry = talloc_asprintf_append(schema_entry, \
" $"); \
}
#################################
testparm_OBJ_FILES = $(utilssrcdir)/testparm.o
+
+################################################
+# Start BINARY oLschema2ldif
+[BINARY::oLschema2ldif]
+INSTALLDIR = BINDIR
+PRIVATE_DEPENDENCIES = \
+ LIBLDB_CMDLINE
+# End BINARY oLschema2ldif
+################################################
+
+
+oLschema2ldif_OBJ_FILES = $(addprefix $(utilssrcdir)/, schema_convert.o oLschema2ldif.o)
+
+MANPAGES += $(utilssrcdir)/man/oLschema2ldif.1
+
+################################################
+# Start BINARY ad2oLschema
+[BINARY::ad2oLschema]
+INSTALLDIR = BINDIR
+PRIVATE_DEPENDENCIES = \
+ LIBLDB_CMDLINE SAMDB
+# End BINARY ad2oLschema
+################################################
+
+ad2oLschema_OBJ_FILES = $(addprefix $(utilssrcdir)/, schema_convert.o ad2oLschema.o)
+
+MANPAGES += $(utilssrcdir)/man/ad2oLschema.1
+
--- /dev/null
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<refentry id="oLschema2ldif.1">
+
+<refmeta>
+ <refentrytitle>oLschema2ldif</refentrytitle>
+ <manvolnum>1</manvolnum>
+</refmeta>
+
+
+<refnamediv>
+ <refname>oLschema2ldif</refname>
+ <refpurpose>Converts LDAP schema's to LDB-compatible LDIF</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+ <cmdsynopsis>
+ <command>oLschema2ldif</command>
+ <arg choice="opt">-I INPUT-FILE</arg>
+ <arg choice="opt">-O OUTPUT-FILE</arg>
+ </cmdsynopsis>
+</refsynopsisdiv>
+
+<refsect1>
+ <title>DESCRIPTION</title>
+
+ <para>oLschema2ldif is a simple tool that converts standard OpenLDAP schema files to a LDIF format that is understood by LDB.</para>
+</refsect1>
+
+
+<refsect1>
+ <title>OPTIONS</title>
+
+ <variablelist>
+ <varlistentry>
+ <term>-I input-file</term>
+ <listitem><para>OpenLDAP schema to read. If none are specified,
+the schema file will be read from standard input.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-O output-file</term>
+ <listitem><para>File to write ldif version of schema to.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect1>
+
+<refsect1>
+ <title>VERSION</title>
+
+ <para>This man page is correct for version 4.0 of the Samba suite.</para>
+</refsect1>
+
+<refsect1>
+ <title>SEE ALSO</title>
+
+ <para>ldb(7), ldbmodify, ldbdel, ldif(5)</para>
+
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para> ldb was written by
+ <ulink url="http://samba.org/~tridge/">Andrew Tridgell</ulink>.
+ oLschema2ldif was written by <ulink url="mailto:idra@samba.org">Simo Sorce</ulink>.
+ </para>
+
+ <para>
+If you wish to report a problem or make a suggestion then please see
+the <ulink url="http://ldb.samba.org/"/> web site for
+current contact and maintainer information.
+ </para>
+
+</refsect1>
+
+</refentry>
#include "ldb_includes.h"
#include "tools/cmdline.h"
-#include "tools/convert.h"
+#include "utils/schema_convert.h"
#define SCHEMA_UNKNOWN 0
#define SCHEMA_NAME 1
License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
-#include "convert.h"
+#include "schema_convert.h"
#include "ldb_includes.h"
/* Shared map for converting syntax between formats */