On Mon, 2008-09-08 at 22:22 +1000, Andrew Bartlett wrote: > How do I determine what LDAP values a Microsoft client tool is expecting? > > For example, with the attached patch against current GIT...
And here I attache the patch... Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
diff --git a/source/dsdb/common/flags.h b/source/dsdb/common/flags.h
index bdd61a3..dd80817 100644
--- a/source/dsdb/common/flags.h
+++ b/source/dsdb/common/flags.h
@@ -111,6 +111,7 @@
#define SYSTEM_FLAG_CR_NTDS_DOMAIN 0x00000002
#define SYSTEM_FLAG_CR_NTDS_NOT_GC_REPLICATED 0x00000004
#define SYSTEM_FLAG_SCHEMA_BASE_OBJECT 0x00000010
+#define SYSTEM_FLAG_ATTR_IS_RDN 0x00000020
#define SYSTEM_FLAG_DISALLOW_MOVE_ON_DELETE 0x02000000
#define SYSTEM_FLAG_DOMAIN_DISALLOW_MOVE 0x04000000
#define SYSTEM_FLAG_DOMAIN_DISALLOW_RENAME 0x08000000
diff --git a/source/dsdb/samdb/ldb_modules/rootdse.c b/source/dsdb/samdb/ldb_modules/rootdse.c
index ebc90d4..84cf74a 100644
--- a/source/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source/dsdb/samdb/ldb_modules/rootdse.c
@@ -33,6 +33,7 @@ struct private_data {
char **controls;
int num_partitions;
struct ldb_dn **partitions;
+ bool is_gc;
};
/*
@@ -75,6 +76,13 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms
goto failed;
}
}
+
+ /* This attribute is written by the provision, but if we are
+ * not a Global Catalog server, we should not advertise
+ * this */
+ if (!priv->is_gc) {
+ ldb_msg_remove_attr(msg, "isGlobalCatalogReady");
+ }
if (do_attribute(attrs, "supportedControl")) {
int i;
@@ -389,6 +397,8 @@ static int rootdse_init(struct ldb_module *module)
ldb_set_default_dns(module->ldb);
+ data->is_gc = samdb_is_gc(module->ldb);
+
return ldb_next_init(module);
}
diff --git a/source/setup/provision_rootdse_add.ldif b/source/setup/provision_rootdse_add.ldif
index 14e0d71..529a6b3 100644
--- a/source/setup/provision_rootdse_add.ldif
+++ b/source/setup/provision_rootdse_add.ldif
@@ -15,3 +15,12 @@ forestFunctionality: 0
domainControllerFunctionality: 2
isSynchronized: FALSE
vendorName: Samba Team (http://samba.org)
+#We are AD
+supportedCapabilities: 1.2.840.113556.1.4.800
+#Oids to indicate AD versions we are emulating
+supportedCapabilities: 1.2.840.113556.1.4.1670
+supportedCapabilities: 1.2.840.113556.1.4.1791
+supportedCapabilities: 1.2.840.113556.1.4.1935
+domainFunctionality: 3
+forestFunctionality: 3
+domainControllerFunctionality: 3
diff --git a/source/setup/provision_rootdse_modify.ldif b/source/setup/provision_rootdse_modify.ldif
index 1f95017..9a6427b 100644
--- a/source/setup/provision_rootdse_modify.ldif
+++ b/source/setup/provision_rootdse_modify.ldif
@@ -3,3 +3,5 @@ dn: @ROOTDSE
changetype: modify
replace: isSynchronized
isSynchronized: TRUE
+replace: isGlobalCatalogReady
+isGlobalCatalogReady: TRUE
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
