The branch, master has been updated via 7f9d45b samba-tool: make sure we exit with an error on a bad command via 6e82e20 dbcheck: mark the dbcheck as known-fail via e593939 samba-tool: fixed some more calls to samba_tool join to be 'domain join' via 2cfe528 s4-selftest: added undump.sh script via e01f310 tdb: remove 'EOF' print from tdbrestore via 6257994 dbcheck: use string DN in delete when fixing broken strings DNs via a656b18 s4-provision: run dbcheck on a minimal set of objects in provision via a2c4258 s4-kcc: use dsdb_delete() instead of ldb_delete() via 114377a s4-dsdb: added dsdb_delete() function via a36af1a pyldb: use dn.is_child_of() instead of dn.compare_base() via 9117a2f samba_backup: check that directory really exists via fa194c3 tests: Add alpha13 dumped provision via 72ca5c3 s4-dsdb: Use controls provided during the request while searching for object to delete via 6362c9c s4-dsdb: check group membership only for non deleted objects via 76b1657 s4-dsdb: change the samba3sam test to add the show_deleted module via 3f6df9f pyldb: add unit test for ldbDn.compare_base via 521556c ldb-python: add a function to Dn object to compare the Dn with a base DN via 930fa1e update/add my copyright via 9a1dd24 s4-dsdb: In rootdse add extended dn info on all values for a given attribute via 245f4b2 s4-dsdb: add dsdb_module_extended function similar to other dsdb_module_* functions via b1ffe82 s4-schema: add systemFlags to dsdb classes objects via 88df1da s4-test: don't fix broken objects during dbcheck test via bba7dc5 dbcheck: test the --reindex option via 190ec87 s4-test: added dbcheck run to test suite via a8cba72 samba-tool: nicer error in passwordsettings with no settings via bfd94a1 samba-tool: testparm doesn't take any credentials via 7d39937 samba-tool: use 'exportkeytab' instead of 'dumpkeys' via 6e7b8aa samba-tool: Fix __doc_ in base classes via 5f5eb1b samba-tool: removed synopsis code in base class via 452e509 samba-tool: Fixed bugs to determine min and max # of allowed arguments via f03a059 samba-tool: Improved --help functionality via a2e2c13 samba-tool: fixed __doc__ in base classes via 903ec44 samba-tool: Fix error handling in SuperCommand class via 8e0a860 samba-tool: improved Option list for all user commands via 7c8b53a samba-tool: added error handling for the user command via a10e231 samba-tool: fixed drs commands synopsis via 57b796d samba-tool: fixed samba-tool user syntax via f1a079f samba-tool: fixed synopsis on user commands via c9bf702 samba-tool: fixed synopsis on all "user" commands via f6fa868 samba-tool: moved takes_optiongroups definition to Command base class via 1dfcb01 samba-tool: removed the assignment to parser.prog via 35d534b samba-tool: fixed prog name in samba-tool via df6fae2 samba-tool: update vampire.py message via b8b20f7 samba-tool: removed join as it has been replaced by domain join via 2cca4a4 samba-tool: moved join to domain join via 9f32f86 samba-tool: updated test suite for the new domain dumpkeys option via 8f274af samba-tool: removed export as it has been moved to domain dumpkeys via c049b14 samba-tool: moved export to domain dumpkeys via eb259a6 samba-tool: updated test suite to reflect the move from domainlevel to domain level via 0cef2bf samba-tool: removed domainlevel as it has been moved to domain level via 2d4988c samba-tool: moved domainlevel to domain level via e573037 samba-tool: removed machinepw as it has been moved to domain machinepassword via 41b2b7e samba-tool: moved machinepw to domain machinepassword via 8c7718a samba-tool: update test suite for the new domain object via 34f7492 samba-tool: removed pwsettings via e5255f0 samba-tool: created domain object, moved pwsettings to user passwordsettings via c4a9229 samba-tool: update test suite for add setpassword via 5720143 samba-tool: removed setpassword.py via ff7f323 samba-tool: added setpassword to user via 30ba5d0 samba-tool: fix summary of the fsmo command to be clearer from d622cad s3-torture: run_simple_posix_open_test(): replace cli_read_old() with cli_read()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 7f9d45bf10d36b1b443305e0f2e79cb448b98cbd Author: Andrew Tridgell <tri...@samba.org> Date: Thu Jul 21 10:29:21 2011 +1000 samba-tool: make sure we exit with an error on a bad command Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> Autobuild-User: Andrew Tridgell <tri...@samba.org> Autobuild-Date: Thu Jul 21 04:58:01 CEST 2011 on sn-devel-104 commit 6e82e208312c5a2dd870459041b9f2d756ab9ac9 Author: Andrew Tridgell <tri...@samba.org> Date: Tue Jul 19 12:57:59 2011 +1000 dbcheck: mark the dbcheck as known-fail this will fail till we correctly update backlinks to deleted objects commit e593939da1412bc8596027b05896c460bed244f8 Author: Andrew Tridgell <tri...@samba.org> Date: Tue Jul 19 12:54:37 2011 +1000 samba-tool: fixed some more calls to samba_tool join to be 'domain join' commit 2cfe528ab684c74e65e6f2617390fcd33e6baac4 Author: Andrew Tridgell <tri...@samba.org> Date: Thu Jul 14 14:03:53 2011 +1000 s4-selftest: added undump.sh script used to unpack a dumped set of provision files for selftest Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit e01f3108ff447239fb3cb2f89b4749c5f7b88c3b Author: Andrew Tridgell <tri...@samba.org> Date: Thu Jul 14 14:03:15 2011 +1000 tdb: remove 'EOF' print from tdbrestore the EOF message is pointless, and makes for noisy scripts Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit 6257994848dd71784445222d67077ea52ced61f3 Author: Andrew Tridgell <tri...@samba.org> Date: Thu Jul 14 14:02:38 2011 +1000 dbcheck: use string DN in delete when fixing broken strings DNs this prevents the extended_dn_in module from 'fixing' the DN for us Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit a656b189b8e9b7d111fd8c4760107ea3ca4488f5 Author: Andrew Tridgell <tri...@samba.org> Date: Thu Jul 14 13:35:14 2011 +1000 s4-provision: run dbcheck on a minimal set of objects in provision this speeds up the dbcheck in provision to fix only the objects that we know will need fixing Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit a2c425858b6bbc9756adba46d90fdfa6004c2ac2 Author: Andrew Tridgell <tri...@samba.org> Date: Thu Jul 14 13:18:48 2011 +1000 s4-kcc: use dsdb_delete() instead of ldb_delete() this adds the DSDB_SEARCH_SHOW_DELETED flag, which fixes deletion of deleted objects Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit 114377a91f3bf823ebd066e36a9bc0d16df4eff2 Author: Andrew Tridgell <tri...@samba.org> Date: Thu Jul 14 13:18:17 2011 +1000 s4-dsdb: added dsdb_delete() function this gives us a delete function that takes the standard set of dsdb flags Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit a36af1a5011dddd5551c768f9bf69188c8775a43 Author: Andrew Tridgell <tri...@samba.org> Date: Thu Jul 14 13:17:49 2011 +1000 pyldb: use dn.is_child_of() instead of dn.compare_base() the compare_base() C API doesn't really fit well in python, as it returns 0 for true. Better to have a boolean function for the python interface. Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit 9117a2fa3c5f6b6d16aefc9652670a2b5e878e7c Author: Matthieu Patou <m...@matws.net> Date: Sun Jun 12 00:40:31 2011 +0400 samba_backup: check that directory really exists commit fa194c33b2963c84b406beb1008b8de565b531b6 Author: Matthieu Patou <m...@matws.net> Date: Thu Jun 9 01:01:25 2011 +0400 tests: Add alpha13 dumped provision commit 72ca5c39c9a911791af3d0abb8a146093b5e3e67 Author: Matthieu Patou <m...@matws.net> Date: Wed Jun 8 12:20:32 2011 +0400 s4-dsdb: Use controls provided during the request while searching for object to delete If the parent request specify the show_deleted control we must use it in order to be able to see the deleted objects. Also we just allow to trusted connections with the system account to remove deleted objects, others receive an unwilling to perform. commit 6362c9c30d213381c5b51783d4842bf83de5074b Author: Matthieu Patou <m...@matws.net> Date: Sun Jun 5 00:42:35 2011 +0400 s4-dsdb: check group membership only for non deleted objects Group membership has been already removed on deleted objects so there is no mean doing something on this kind of object. commit 76b165778d6632a011fa96688c29167ee5e20921 Author: Andrew Tridgell <tri...@samba.org> Date: Wed Jul 20 15:31:42 2011 +1000 s4-dsdb: change the samba3sam test to add the show_deleted module this is needed now that the samldb module adds the show deleted control Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit 3f6df9f9e33266ba2f383dde17ed6f9de7dd54c9 Author: Matthieu Patou <m...@matws.net> Date: Sat Jun 11 18:31:28 2011 +0400 pyldb: add unit test for ldbDn.compare_base commit 521556ceed19fdba534e05859b7372c2422c7d98 Author: Matthieu Patou <m...@matws.net> Date: Tue May 24 01:30:15 2011 +0400 ldb-python: add a function to Dn object to compare the Dn with a base DN commit 930fa1ee46c8c129a31639ca2eb73be28ae6d0dd Author: Matthieu Patou <m...@matws.net> Date: Sun May 22 23:41:56 2011 +0400 update/add my copyright commit 9a1dd24ced168b837c0e384d0c9519530eb8530c Author: Matthieu Patou <m...@matws.net> Date: Fri May 13 13:31:13 2011 +0400 s4-dsdb: In rootdse add extended dn info on all values for a given attribute And not only on the fist value as it was the case up to this changeset. commit 245f4b22f4c4efc4f9a71bbbb5f46416a7f118ab Author: Matthieu Patou <m...@matws.net> Date: Sat May 14 00:26:26 2011 +0400 s4-dsdb: add dsdb_module_extended function similar to other dsdb_module_* functions commit b1ffe82facfbbde118e03d09a057645dbab4cd4e Author: Matthieu Patou <m...@matws.net> Date: Tue May 3 20:38:13 2011 +0400 s4-schema: add systemFlags to dsdb classes objects commit 88df1da2b203e6e7e2022aa0ea88c63acad62ed9 Author: Andrew Tridgell <tri...@samba.org> Date: Wed Jul 13 19:37:42 2011 +1000 s4-test: don't fix broken objects during dbcheck test this leaves the database as-is, which makes it easier to examine the problem commit bba7dc50927ae572a9a1897896867c24343e45d5 Author: Andrew Tridgell <tri...@samba.org> Date: Wed Jul 13 17:26:59 2011 +1000 dbcheck: test the --reindex option Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit 190ec8796409870d5af2bcd53482cd56cd73f33e Author: Andrew Tridgell <tri...@samba.org> Date: Wed Jul 13 10:50:24 2011 +1000 s4-test: added dbcheck run to test suite This should catch corruption that happens during a test run Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit a8cba72119987803a806c3e05f3b5ac3c1be755d Author: Andrew Tridgell <tri...@samba.org> Date: Tue Jul 19 11:39:52 2011 +1000 samba-tool: nicer error in passwordsettings with no settings Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit bfd94a1515ccb93d1e11b370ada5afc095982307 Author: Andrew Tridgell <tri...@samba.org> Date: Tue Jul 19 11:19:59 2011 +1000 samba-tool: testparm doesn't take any credentials Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit 7d399376b89b13417f7b1382259478bf82ae91c3 Author: Andrew Tridgell <tri...@samba.org> Date: Tue Jul 19 11:03:44 2011 +1000 samba-tool: use 'exportkeytab' instead of 'dumpkeys' a 'keytab' is a particular format known to administrators, whereas 'keys' is a bit too vague Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit 6e7b8aaf1d7b64df07fe2cbc731addd59be8e2d8 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jul 18 18:34:45 2011 -0400 samba-tool: Fix __doc_ in base classes Changed prog to samba-tool as prog is only meaningful in Parser Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 5f5eb1b00385fe1643dd5496c61954768fee3818 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jul 18 17:46:02 2011 -0400 samba-tool: removed synopsis code in base class As it is not always possible to determine the usage of a command solely based on the list of required and optional args, it is best to have the subclasses always define it, rather than displaying an incorrect usage statement. Currently, all commands are subclassing the synopsis. Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 452e50919efcd5d92df2bfad48ef106cd75ebad9 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jul 18 16:48:03 2011 -0400 samba-tool: Fixed bugs to determine min and max # of allowed arguments Fixed the bugs in the code to determine both the min and the max # of allowed arguments Changed the argument suffix convention from "*" to "+" to represent one or more arguments as: 1. It follows the Regular expression convention ("*" means 0 or more) 2. It is what was missing in terms of functionality NB Currently, no command is using the "*/+", but it is a good thing to have to help out the validation of the args if/when in the future we have such need Signed-off-by: Andrew Tridgell <tri...@samba.org> commit f03a059814ab757a112ea4504ffe8b933a905e3d Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jul 18 15:45:39 2011 -0400 samba-tool: Improved --help functionality Added a new --help msg Return an error when no subcommand is specified Signed-off-by: Andrew Tridgell <tri...@samba.org> commit a2e2c130b0472c7d44d6e9d6e98b9f88853bef7b Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jul 18 11:50:48 2011 -0400 samba-tool: fixed __doc__ in base classes Replaced the "net" word with %prog in all instances Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 903ec440c40bcbf040fc01cab339e42cbf3fdf5c Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jul 18 11:30:23 2011 -0400 samba-tool: Fix error handling in SuperCommand class Created show_command_error method to handle errors in SuperCommand Removed statement in SuperCommand to raise exception Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 8e0a86056139281b2e1ad7763e51cf804e38a77e Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jul 18 10:03:16 2011 -0400 samba-tool: improved Option list for all user commands Added metavar values for -H and added some default values for other options Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 7c8b53a49ed5fc6d811eafe15ffd247d06404946 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Fri Jul 15 15:23:36 2011 -0400 samba-tool: added error handling for the user command Caught exception whenever possible, added new check for newpassword to make sure it contains some chars Signed-off-by: Andrew Tridgell <tri...@samba.org> commit a10e231b3b21a69783d97170652b95c547d4a44c Author: Giampaolo Lauria <laur...@yahoo.com> Date: Fri Jul 15 14:20:03 2011 -0400 samba-tool: fixed drs commands synopsis Added [options] as needed Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 57b796d4353d3fde7b47d4c008e9dfe136008fac Author: Andrew Tridgell <tri...@samba.org> Date: Thu Jul 21 10:29:40 2011 +1000 samba-tool: fixed samba-tool user syntax Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit f1a079f8dd3a783fa8f7ab40290457400232c308 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Fri Jul 15 13:58:00 2011 -0400 samba-tool: fixed synopsis on user commands Fixed all synopsis to contain [options], filter, and username Signed-off-by: Andrew Tridgell <tri...@samba.org> commit c9bf7022fd9a20abf5d75bb7543f132203566ab8 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Fri Jul 15 13:46:27 2011 -0400 samba-tool: fixed synopsis on all "user" commands Added [options] where needed, fixed others where filter or username was needed, renamed name to username Signed-off-by: Andrew Tridgell <tri...@samba.org> commit f6fa8684896b8f3f9f8b7bd3742c99906973274c Author: Giampaolo Lauria <laur...@yahoo.com> Date: Fri Jul 15 12:07:03 2011 -0400 samba-tool: moved takes_optiongroups definition to Command base class The option groups should be defined at the Command base class level as they are in common across all samba-tool commands. Major move advantages: 1. more OOP approach 2. enforcing consistency across commands 3. avoiding the need of declaring for every new command Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 1dfcb019d2dcca1d21ec32ee05bf7da15ca84e9f Author: Giampaolo Lauria <laur...@yahoo.com> Date: Fri Jul 15 09:47:51 2011 -0400 samba-tool: removed the assignment to parser.prog The prog should only be set if we want it to be different than the name of the program that executed it. I think that for better portability we should not set it and let it default to samba-tool. Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 35d534b02645e51d45472ca696cc8d92be7836fa Author: Giampaolo Lauria <laur...@yahoo.com> Date: Wed Jul 6 14:13:39 2011 -0400 samba-tool: fixed prog name in samba-tool Changed the prog name from net to samba-tool so that the usage statement is now correct Signed-off-by: Andrew Tridgell <tri...@samba.org> commit df6fae2f138269578531f833c86859795785cd73 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Tue Jun 28 15:14:16 2011 -0400 samba-tool: update vampire.py message The update was necessary to reflect the move from join to domain join as part of the object-action work Signed-off-by: Andrew Tridgell <tri...@samba.org> commit b8b20f7a46c2460acf9e32849efdb610b0d97cb1 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Tue Jun 28 15:09:04 2011 -0400 samba-tool: removed join as it has been replaced by domain join This is part of the samba-tool work to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 2cca4a44fe7247af85110c9b7e3c64363464bfd4 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Tue Jun 28 15:06:41 2011 -0400 samba-tool: moved join to domain join This is part of the samba-tool work to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 9f32f86018ac6463586bcac74424730a1aa9ac3b Author: Giampaolo Lauria <laur...@yahoo.com> Date: Tue Jun 28 12:29:09 2011 -0400 samba-tool: updated test suite for the new domain dumpkeys option The test suite has been changed to reflect the move from export to "domain dumpkeys" to reflect the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 8f274af3f851a31308b3f55b932e6d579fd66023 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Tue Jun 28 12:22:39 2011 -0400 samba-tool: removed export as it has been moved to domain dumpkeys The functionality of export has been moved to domain dumpkeys to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit c049b14dc19c01393d6837532e5bf4f2faeb4bbe Author: Giampaolo Lauria <laur...@yahoo.com> Date: Tue Jun 28 12:19:08 2011 -0400 samba-tool: moved export to domain dumpkeys This is part of the samba-tool work to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit eb259a676db27ff43fc8d59f05a7f6698b8adec7 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Tue Jun 28 11:53:15 2011 -0400 samba-tool: updated test suite to reflect the move from domainlevel to domain level The test suite needs to reflect the change from domailevel to "domain level" to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 0cef2bff9cf0bea695898bd8237613cfa2b2e7f8 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Tue Jun 28 11:48:13 2011 -0400 samba-tool: removed domainlevel as it has been moved to domain level The functionality of domainlevel has been moved the "domain level" to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 2d4988c3d79e501003875cd26b7f9aaa72402b31 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Tue Jun 28 11:41:39 2011 -0400 samba-tool: moved domainlevel to domain level This is part of the samba-tool work to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit e573037ac547905d1e57b22602bcfce55889dde7 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jun 27 17:06:35 2011 -0400 samba-tool: removed machinepw as it has been moved to domain machinepassword The functionality of machinepwd has been moved to "domain machinepassword" to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 41b2b7e160c57a969c27a60f71c091d9c70bfd42 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jun 27 17:04:10 2011 -0400 samba-tool: moved machinepw to domain machinepassword This is part of the samba-tool work to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 8c7718ac16598cc3f1dbb1d0854ef86f614b1f5d Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jun 27 16:49:43 2011 -0400 samba-tool: update test suite for the new domain object Changed test suite to reflect the changes from setpassword to "domain setpassword" to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 34f7492b1ea2d794fced8d2e3634170f8fa98dff Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jun 27 16:37:26 2011 -0400 samba-tool: removed pwsettings pwsettings functionality has been moved to user passwordsettings to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit e5255f0920d064a43d8d261889079f068159dba5 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jun 27 16:32:22 2011 -0400 samba-tool: created domain object, moved pwsettings to user passwordsettings This is part of the samba-tool work to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit c4a92292c127244596795675902176e6483895c7 Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jun 27 14:31:34 2011 -0400 samba-tool: update test suite for add setpassword The test suite needs to change from setpassword to "user setpassword" to reflect the new cmd syntax Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 5720143e860158c2aa79fd0101051574cf20d2ee Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jun 27 13:07:30 2011 -0400 samba-tool: removed setpassword.py The functionality in setppasword has now been moved to "user setpassword" to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit ff7f3239039e340c39968cb13dda4de85d3f34bb Author: Giampaolo Lauria <laur...@yahoo.com> Date: Mon Jun 27 12:59:41 2011 -0400 samba-tool: added setpassword to user This is part of the samba-tool work to fit the object-action model Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 30ba5d049091e9ebc76e28c13a8654d4307a7faa Author: Giampaolo Lauria <laur...@yahoo.com> Date: Wed Jun 15 18:41:02 2011 -0400 samba-tool: fix summary of the fsmo command to be clearer fsmo command is for general FSMO management Signed-off-by: Andrew Tridgell <tri...@samba.org> ----------------------------------------------------------------------- Summary of changes: lib/ldb/pyldb.c | 17 + lib/ldb/tests/python/api.py | 12 + lib/tdb/tools/tdbrestore.c | 1 - selftest/target/Samba4.pm | 8 +- source4/dsdb/common/util.c | 30 + source4/dsdb/kcc/kcc_deleted.c | 2 +- source4/dsdb/samdb/ldb_modules/linked_attributes.c | 1 + source4/dsdb/samdb/ldb_modules/objectclass.c | 14 +- source4/dsdb/samdb/ldb_modules/rootdse.c | 142 +- source4/dsdb/samdb/ldb_modules/samldb.c | 11 +- source4/dsdb/samdb/ldb_modules/util.c | 62 + source4/dsdb/schema/schema.h | 1 + source4/dsdb/schema/schema_init.c | 1 + source4/dsdb/schema/schema_set.c | 1 + source4/scripting/bin/samba_backup | 12 +- source4/scripting/devel/drs/vampire_ad.sh | 2 +- source4/scripting/python/samba/dbchecker.py | 2 +- source4/scripting/python/samba/netcmd/__init__.py | 79 +- source4/scripting/python/samba/netcmd/dbcheck.py | 7 +- .../scripting/python/samba/netcmd/delegation.py | 31 +- source4/scripting/python/samba/netcmd/domain.py | 500 + .../scripting/python/samba/netcmd/domainlevel.py | 247 - source4/scripting/python/samba/netcmd/drs.py | 41 +- source4/scripting/python/samba/netcmd/dsacl.py | 7 +- source4/scripting/python/samba/netcmd/export.py | 56 - source4/scripting/python/samba/netcmd/fsmo.py | 9 +- source4/scripting/python/samba/netcmd/gpo.py | 13 +- source4/scripting/python/samba/netcmd/group.py | 25 +- source4/scripting/python/samba/netcmd/join.py | 78 - source4/scripting/python/samba/netcmd/ldapcmp.py | 7 +- source4/scripting/python/samba/netcmd/machinepw.py | 56 - source4/scripting/python/samba/netcmd/netacl.py | 1 + source4/scripting/python/samba/netcmd/newuser.py | 7 +- source4/scripting/python/samba/netcmd/ntacl.py | 13 +- .../scripting/python/samba/netcmd/pwsettings.py | 197 - source4/scripting/python/samba/netcmd/rodc.py | 7 +- .../scripting/python/samba/netcmd/setpassword.py | 80 - source4/scripting/python/samba/netcmd/spn.py | 18 +- source4/scripting/python/samba/netcmd/testparm.py | 5 +- source4/scripting/python/samba/netcmd/time.py | 7 +- source4/scripting/python/samba/netcmd/user.py | 128 +- source4/scripting/python/samba/netcmd/vampire.py | 9 +- .../scripting/python/samba/provision/__init__.py | 12 +- source4/scripting/python/samba/tests/samba3sam.py | 2 +- source4/selftest/knownfail | 1 + .../provisions/alpha13/etc/smb.conf.template | 17 + .../selftest/provisions/alpha13/private/dns.keytab | Bin 0 -> 370 bytes .../alpha13/private/dns/alpha13.samba.corp.zone | 50 + .../provisions/alpha13/private/dns_update_list | 22 + .../provisions/alpha13/private/eadb.tdb.dump | 96 + .../provisions/alpha13/private/hklm.ldb.dump | 80 + .../provisions/alpha13/private/idmap.ldb.dump | 60 + .../selftest/provisions/alpha13/private/krb5.conf | 17 + .../selftest/provisions/alpha13/private/named.conf | 38 + .../provisions/alpha13/private}/named.conf.update | 0 .../selftest/provisions/alpha13/private/named.txt | 46 + .../alpha13/private/phpldapadmin-config.php | 28 + .../provisions/alpha13/private/privilege.ldb.dump | 156 + ...FIGURATION,DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump |28924 +++++++++++++ ...FIGURATION,DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump |43468 ++++++++++++++++++++ .../sam.ldb.d/DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump | 5876 +++ .../provisions/alpha13/private/sam.ldb.dump | 40 + .../provisions/alpha13/private/secrets.keytab | Bin 0 -> 298 bytes .../provisions/alpha13/private/secrets.ldb.dump | 48 + .../provisions/alpha13/private/share.ldb.dump | 32 + .../provisions/alpha13/private/spn_update_list | 27 + .../{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI | 2 + .../{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI | 2 + source4/selftest/provisions/undump.sh | 20 + source4/selftest/quick | 1 + source4/selftest/tests.py | 3 + source4/setup/tests/blackbox_newuser.sh | 4 +- source4/setup/tests/blackbox_setpassword.sh | 6 +- source4/smb_server/smb/trans2.c | 2 +- source4/utils/tests/test_samba_tool.sh | 2 +- testprogs/blackbox/dbcheck.sh | 26 + testprogs/blackbox/test_export_keytab.sh | 4 +- testprogs/blackbox/test_kinit.sh | 4 +- testprogs/blackbox/test_passwords.sh | 16 +- wintest/test-s4-howto.py | 10 +- 80 files changed, 80006 insertions(+), 1083 deletions(-) create mode 100644 source4/scripting/python/samba/netcmd/domain.py delete mode 100644 source4/scripting/python/samba/netcmd/domainlevel.py delete mode 100644 source4/scripting/python/samba/netcmd/export.py delete mode 100644 source4/scripting/python/samba/netcmd/join.py delete mode 100644 source4/scripting/python/samba/netcmd/machinepw.py delete mode 100644 source4/scripting/python/samba/netcmd/pwsettings.py delete mode 100644 source4/scripting/python/samba/netcmd/setpassword.py create mode 100644 source4/selftest/provisions/alpha13/etc/smb.conf.template create mode 100644 source4/selftest/provisions/alpha13/private/dns.keytab create mode 100644 source4/selftest/provisions/alpha13/private/dns/alpha13.samba.corp.zone create mode 100644 source4/selftest/provisions/alpha13/private/dns_update_list create mode 100644 source4/selftest/provisions/alpha13/private/eadb.tdb.dump create mode 100644 source4/selftest/provisions/alpha13/private/hklm.ldb.dump create mode 100644 source4/selftest/provisions/alpha13/private/idmap.ldb.dump create mode 100644 source4/selftest/provisions/alpha13/private/krb5.conf create mode 100644 source4/selftest/provisions/alpha13/private/named.conf copy source4/{setup => selftest/provisions/alpha13/private}/named.conf.update (100%) create mode 100644 source4/selftest/provisions/alpha13/private/named.txt create mode 100644 source4/selftest/provisions/alpha13/private/phpldapadmin-config.php create mode 100644 source4/selftest/provisions/alpha13/private/privilege.ldb.dump create mode 100644 source4/selftest/provisions/alpha13/private/sam.ldb.d/CN=CONFIGURATION,DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump create mode 100644 source4/selftest/provisions/alpha13/private/sam.ldb.d/CN=SCHEMA,CN=CONFIGURATION,DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump create mode 100644 source4/selftest/provisions/alpha13/private/sam.ldb.d/DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump create mode 100644 source4/selftest/provisions/alpha13/private/sam.ldb.dump create mode 100644 source4/selftest/provisions/alpha13/private/secrets.keytab create mode 100644 source4/selftest/provisions/alpha13/private/secrets.ldb.dump create mode 100644 source4/selftest/provisions/alpha13/private/share.ldb.dump create mode 100644 source4/selftest/provisions/alpha13/private/spn_update_list create mode 100644 source4/selftest/provisions/alpha13/sysvol/alpha13.samba.corp/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI create mode 100644 source4/selftest/provisions/alpha13/sysvol/alpha13.samba.corp/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI create mode 100755 source4/selftest/provisions/undump.sh create mode 100755 testprogs/blackbox/dbcheck.sh Changeset truncated at 500 lines: diff --git a/lib/ldb/pyldb.c b/lib/ldb/pyldb.c index e2a2e71..adec424 100644 --- a/lib/ldb/pyldb.c +++ b/lib/ldb/pyldb.c @@ -522,6 +522,21 @@ static PyObject *py_ldb_dn_add_base(PyLdbDnObject *self, PyObject *args) return ldb_dn_add_base(dn, other)?Py_True:Py_False; } +static PyObject *py_ldb_dn_is_child_of(PyLdbDnObject *self, PyObject *args) +{ + PyObject *py_base; + struct ldb_dn *dn, *base; + if (!PyArg_ParseTuple(args, "O", &py_base)) + return NULL; + + dn = PyLdbDn_AsDn((PyObject *)self); + + if (!PyObject_AsDn(NULL, py_base, dn_ldb_ctx(dn), &base)) + return NULL; + + return PyBool_FromLong(ldb_dn_compare_base(base, dn) == 0); +} + static PyMethodDef py_ldb_dn_methods[] = { { "validate", (PyCFunction)py_ldb_dn_validate, METH_NOARGS, "S.validate() -> bool\n" @@ -540,6 +555,8 @@ static PyMethodDef py_ldb_dn_methods[] = { { "canonical_str", (PyCFunction)py_ldb_dn_canonical_str, METH_NOARGS, "S.canonical_str() -> string\n" "Canonical version of this DN (like a posix path)." }, + { "is_child_of", (PyCFunction)py_ldb_dn_is_child_of, METH_VARARGS, + "S.is_child_of(basedn) -> int\nReturns True if this DN is a child of basedn\n"}, { "canonical_ex_str", (PyCFunction)py_ldb_dn_canonical_ex_str, METH_NOARGS, "S.canonical_ex_str() -> string\n" "Canonical version of this DN (like a posix path, with terminating newline)." }, diff --git a/lib/ldb/tests/python/api.py b/lib/ldb/tests/python/api.py index e7658d5..bd10b0b 100755 --- a/lib/ldb/tests/python/api.py +++ b/lib/ldb/tests/python/api.py @@ -437,6 +437,18 @@ class DnTests(unittest.TestCase): x = ldb.Dn(self.ldb, "dc=foo26,bar=bloe") self.assertEquals("/bloe\nfoo26", x.canonical_ex_str()) + def test_ldb_is_child_of(self): + """Testing ldb_dn_compare_dn""" + dn1 = ldb.Dn(self.ldb, "dc=base") + dn2 = ldb.Dn(self.ldb, "cn=foo,dc=base") + dn3 = ldb.Dn(self.ldb, "cn=bar,dc=base") + dn4 = ldb.Dn(self.ldb, "cn=baz,cn=bar,dc=base") + + self.assertTrue(dn2.is_child_of(dn1)) + self.assertTrue(dn4.is_child_of(dn1)) + self.assertTrue(dn4.is_child_of(dn3)) + self.assertFalse(dn3.is_child_of(dn2)) + self.assertFalse(dn1.is_child_of(dn4)) class LdbMsgTests(unittest.TestCase): diff --git a/lib/tdb/tools/tdbrestore.c b/lib/tdb/tools/tdbrestore.c index 1daac63..8106cf9 100644 --- a/lib/tdb/tools/tdbrestore.c +++ b/lib/tdb/tools/tdbrestore.c @@ -206,7 +206,6 @@ static int restore_tdb(const char *fname) fprintf(stderr, "Error closing tdb\n"); return 1; } - fprintf(stderr, "EOF\n"); return 0; } diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index 2610232..47f1bad 100644 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -860,7 +860,7 @@ sub provision_member($$$) my $cmd = ""; $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" "; $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; - $cmd .= "$samba_tool join $ret->{CONFIGURATION} $dcvars->{REALM} member"; + $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} member"; $cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}"; unless (system($cmd) == 0) { @@ -928,7 +928,7 @@ sub provision_rpc_proxy($$$) my $cmd = ""; $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" "; $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; - $cmd .= "$samba_tool join $ret->{CONFIGURATION} $dcvars->{REALM} member"; + $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} member"; $cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}"; unless (system($cmd) == 0) { @@ -1012,7 +1012,7 @@ sub provision_vampire_dc($$$) my $cmd = ""; $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" "; $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; - $cmd .= "$samba_tool join $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}"; + $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}"; $cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}"; unless (system($cmd) == 0) { @@ -1184,7 +1184,7 @@ sub provision_rodc($$$) my $cmd = ""; $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" "; $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; - $cmd .= "$samba_tool join $ret->{CONFIGURATION} $dcvars->{REALM} RODC"; + $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} RODC"; $cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}"; $cmd .= " --server=$dcvars->{DC_SERVER}"; diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 7283405..ae2ca74 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -3723,6 +3723,36 @@ int dsdb_modify(struct ldb_context *ldb, const struct ldb_message *message, } /* + a delete with a set of flags +*/ +int dsdb_delete(struct ldb_context *ldb, const struct ldb_dn *dn, + uint32_t dsdb_flags) +{ + struct ldb_request *req; + int ret; + + ret = ldb_build_del_req(&req, ldb, ldb, + dn, + NULL, + NULL, + ldb_op_default_callback, + NULL); + + if (ret != LDB_SUCCESS) return ret; + + ret = dsdb_request_add_controls(req, dsdb_flags); + if (ret != LDB_SUCCESS) { + talloc_free(req); + return ret; + } + + ret = dsdb_autotransaction_request(ldb, req); + + talloc_free(req); + return ret; +} + +/* like dsdb_modify() but set all the element flags to LDB_FLAG_MOD_REPLACE */ diff --git a/source4/dsdb/kcc/kcc_deleted.c b/source4/dsdb/kcc/kcc_deleted.c index 35f538d..5d2585d 100644 --- a/source4/dsdb/kcc/kcc_deleted.c +++ b/source4/dsdb/kcc/kcc_deleted.c @@ -89,7 +89,7 @@ NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s, TALLOC_CTX *mem_ctx) whenChanged = ldb_string_to_time(tstring); } if (t - whenChanged > tombstoneLifetime*60*60*24) { - ret = ldb_delete(s->samdb, res->msgs[i]->dn); + ret = dsdb_delete(s->samdb, res->msgs[i]->dn, DSDB_SEARCH_SHOW_DELETED); if (ret != LDB_SUCCESS) { DEBUG(1,(__location__ ": Failed to remove deleted object %s\n", ldb_dn_get_linearized(res->msgs[i]->dn))); diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index 6948800..cc6a489 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -3,6 +3,7 @@ Copyright (C) Andrew Bartlett <abart...@samba.org> 2007 Copyright (C) Simo Sorce <i...@samba.org> 2008 + Copyright (C) Matthieu Patou <m...@matws.net> 2011 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c index fd39937..7ae90d3 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass.c @@ -1419,6 +1419,7 @@ static int objectclass_delete(struct ldb_module *module, struct ldb_request *req { static const char * const attrs[] = { "nCName", "objectClass", "systemFlags", + "isDeleted", "isCriticalSystemObject", NULL }; struct ldb_context *ldb; struct ldb_request *search_req; @@ -1450,7 +1451,7 @@ static int objectclass_delete(struct ldb_module *module, struct ldb_request *req ret = ldb_build_search_req(&search_req, ldb, ac, req->op.del.dn, LDB_SCOPE_BASE, "(objectClass=*)", - attrs, NULL, + attrs, req->controls, ac, get_search_callback, req); LDB_REQ_SET_LOCATION(search_req); @@ -1505,6 +1506,17 @@ static int objectclass_do_delete(struct oc_context *ac) talloc_free(dn); } + /* Only trusted request from system account are allowed to delete + * deleted objects. + */ + if (ldb_msg_check_string_attribute(ac->search_res->message, "isDeleted", "TRUE") && + (ldb_req_is_untrusted(ac->req) || + !dsdb_module_am_system(ac->module))) { + ldb_asprintf_errstring(ldb, "Delete of '%s' failed", + ldb_dn_get_linearized(ac->req->op.del.dn)); + return LDB_ERR_UNWILLING_TO_PERFORM; + } + /* crossRef objects regarding config, schema and default domain NCs */ if (samdb_find_attribute(ldb, ac->search_res->message, "objectClass", "crossRef") != NULL) { diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index c584a11..2499e82 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -5,6 +5,7 @@ Copyright (C) Andrew Tridgell 2005 Copyright (C) Simo Sorce 2005-2008 + Copyright (C) Matthieu Patou <m...@matws.net> 2011 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -76,6 +77,8 @@ static int expand_dn_in_message(struct ldb_module *module, struct ldb_message *m TALLOC_CTX *tmp_ctx = talloc_new(req); struct ldb_context *ldb; int edn_type = 0; + unsigned int i; + struct ldb_message_element *el; ldb = ldb_module_get_ctx(module); @@ -84,76 +87,83 @@ static int expand_dn_in_message(struct ldb_module *module, struct ldb_message *m edn_type = edn->type; } - v = discard_const_p(struct ldb_val, ldb_msg_find_ldb_val(msg, attrname)); - if (v == NULL) { - talloc_free(tmp_ctx); + el = ldb_msg_find_element(msg, attrname); + if (!el || el->num_values == 0) { return LDB_SUCCESS; } - dn_string = talloc_strndup(tmp_ctx, (const char *)v->data, v->length); - if (dn_string == NULL) { - talloc_free(tmp_ctx); - return ldb_operr(ldb); - } + for (i = 0; i < el->num_values; i++) { + v = &el->values[i]; + if (v == NULL) { + talloc_free(tmp_ctx); + return LDB_SUCCESS; + } - res = talloc_zero(tmp_ctx, struct ldb_result); - if (res == NULL) { - talloc_free(tmp_ctx); - return ldb_operr(ldb); - } + dn_string = talloc_strndup(tmp_ctx, (const char *)v->data, v->length); + if (dn_string == NULL) { + talloc_free(tmp_ctx); + return ldb_operr(ldb); + } - dn = ldb_dn_new(tmp_ctx, ldb, dn_string); - if (dn == NULL) { - talloc_free(tmp_ctx); - return ldb_operr(ldb); - } + res = talloc_zero(tmp_ctx, struct ldb_result); + if (res == NULL) { + talloc_free(tmp_ctx); + return ldb_operr(ldb); + } - ret = ldb_build_search_req(&req2, ldb, tmp_ctx, - dn, - LDB_SCOPE_BASE, - NULL, - no_attrs, - NULL, - res, ldb_search_default_callback, - req); - LDB_REQ_SET_LOCATION(req2); - if (ret != LDB_SUCCESS) { - talloc_free(tmp_ctx); - return ret; - } + dn = ldb_dn_new(tmp_ctx, ldb, dn_string); + if (dn == NULL) { + talloc_free(tmp_ctx); + return ldb_operr(ldb); + } + + ret = ldb_build_search_req(&req2, ldb, tmp_ctx, + dn, + LDB_SCOPE_BASE, + NULL, + no_attrs, + NULL, + res, ldb_search_default_callback, + req); + LDB_REQ_SET_LOCATION(req2); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } - ret = ldb_request_add_control(req2, - LDB_CONTROL_EXTENDED_DN_OID, - edn_control->critical, edn); - if (ret != LDB_SUCCESS) { - talloc_free(tmp_ctx); - return ret; - } + ret = ldb_request_add_control(req2, + LDB_CONTROL_EXTENDED_DN_OID, + edn_control->critical, edn); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ldb_error(ldb, ret, "Failed to add control"); + } - ret = ldb_next_request(module, req2); - if (ret == LDB_SUCCESS) { - ret = ldb_wait(req2->handle, LDB_WAIT_ALL); - } - if (ret != LDB_SUCCESS) { - talloc_free(tmp_ctx); - return ret; - } + ret = ldb_next_request(module, req2); + if (ret == LDB_SUCCESS) { + ret = ldb_wait(req2->handle, LDB_WAIT_ALL); + } - if (!res || res->count != 1) { - talloc_free(tmp_ctx); - return ldb_operr(ldb); - } + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } - dn2 = res->msgs[0]->dn; + if (!res || res->count != 1) { + talloc_free(tmp_ctx); + return ldb_operr(ldb); + } - v->data = (uint8_t *)ldb_dn_get_extended_linearized(msg->elements, dn2, edn_type); - if (v->data == NULL) { - talloc_free(tmp_ctx); - return ldb_operr(ldb); - } - v->length = strlen((char *)v->data); + dn2 = res->msgs[0]->dn; + v->data = (uint8_t *)ldb_dn_get_extended_linearized(msg->elements, dn2, edn_type); + if (v->data == NULL) { + talloc_free(tmp_ctx); + return ldb_operr(ldb); + } + v->length = strlen((char *)v->data); + } talloc_free(tmp_ctx); diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 5c94099..6ca3fe8 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -2178,17 +2178,24 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac) NTSTATUS status; int ret; struct ldb_result *res; - const char *attrs[] = { "objectSid", NULL }; + const char *attrs[] = { "objectSid", "isDeleted", NULL }; const char *noattrs[] = { NULL }; ldb = ldb_module_get_ctx(ac->module); /* Finds out the SID/RID of the SAM object */ - ret = dsdb_module_search_dn(ac->module, ac, &res, ac->req->op.del.dn, attrs, DSDB_FLAG_NEXT_MODULE, ac->req); + ret = dsdb_module_search_dn(ac->module, ac, &res, ac->req->op.del.dn, + attrs, + DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_DELETED, + ac->req); if (ret != LDB_SUCCESS) { return ret; } + if (ldb_msg_check_string_attribute(res->msgs[0], "isDeleted", "TRUE")) { + return LDB_SUCCESS; + } + sid = samdb_result_dom_sid(ac, res->msgs[0], "objectSid"); if (sid == NULL) { /* No SID - it might not be a SAM object - therefore ok */ diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c index 7dbf233..ebb214d 100644 --- a/source4/dsdb/samdb/ldb_modules/util.c +++ b/source4/dsdb/samdb/ldb_modules/util.c @@ -4,6 +4,7 @@ Copyright (C) Andrew Tridgell 2009 Copyright (C) Andrew Bartlett <abart...@samba.org> 2009 + Copyright (C) Matthieu Patou <m...@matws.net> 2011 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -308,7 +309,68 @@ int dsdb_module_guid_by_dn(struct ldb_module *module, struct ldb_dn *dn, struct talloc_free(tmp_ctx); return LDB_SUCCESS; } +/* + a ldb_extended request operating on modules below the + current module + */ +int dsdb_module_extended(struct ldb_module *module, + const char* oid, void* data, + uint32_t dsdb_flags, + struct ldb_request *parent) +{ + struct ldb_request *req; + int ret; + struct ldb_context *ldb = ldb_module_get_ctx(module); + TALLOC_CTX *tmp_ctx = talloc_new(module); + struct ldb_result *res; + + res = talloc_zero(tmp_ctx, struct ldb_result); + if (!res) { + talloc_free(tmp_ctx); + return ldb_oom(ldb_module_get_ctx(module)); + } + + ret = ldb_build_extended_req(&req, ldb, + tmp_ctx, + oid, + data, + NULL, + res, ldb_extended_default_callback, + parent); + + LDB_REQ_SET_LOCATION(req); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + + ret = dsdb_request_add_controls(req, dsdb_flags); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + if (dsdb_flags & DSDB_FLAG_TRUSTED) { + ldb_req_mark_trusted(req); + } + + /* Run the new request */ + if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) { + ret = ldb_next_request(module, req); + } else if (dsdb_flags & DSDB_FLAG_TOP_MODULE) { + ret = ldb_request(ldb_module_get_ctx(module), req); + } else { + const struct ldb_module_ops *ops = ldb_module_get_ops(module); + SMB_ASSERT(dsdb_flags & DSDB_FLAG_OWN_MODULE); + ret = ops->extended(module, req); + } + if (ret == LDB_SUCCESS) { + ret = ldb_wait(req->handle, LDB_WAIT_ALL); + } + + talloc_free(tmp_ctx); + return ret; +} /* a ldb_modify request operating on modules below the current module diff --git a/source4/dsdb/schema/schema.h b/source4/dsdb/schema/schema.h index 5ba2254..7535179 100644 --- a/source4/dsdb/schema/schema.h +++ b/source4/dsdb/schema/schema.h @@ -143,6 +143,7 @@ struct dsdb_class { const char *defaultSecurityDescriptor; uint32_t schemaFlagsEx; + uint32_t systemFlags; struct ldb_val msDs_Schema_Extensions; -- Samba Shared Repository