The branch, master has been updated
via 6ed5b1c Cleanup map return codes
via dcbd4ed Fix OpenLDAP partition configs
via f2bcceb lib/ldb-samba/ldb_ildap: Also skip special base DNs
from 6ef3c98 docs-xml: document SMB3_02 as available protocol for the
client side
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 6ed5b1c159867466e54a54a10adcc6c49a0a7837
Author: Howard Chu <[email protected]>
Date: Mon Sep 16 19:02:26 2013 -0700
Cleanup map return codes
-1 was never a valid LDB return code, just use OPERATIONS_ERROR
Signed-off-by: Howard Chu <[email protected]>
Reviewed-by: Andrew Bartlett <[email protected]>
Autobuild-User(master): Nadezhda Ivanova <[email protected]>
Autobuild-Date(master): Tue Sep 17 07:51:45 CEST 2013 on sn-devel-104
commit dcbd4ede2f320df9264a138685a2214bfa1ef6a1
Author: Howard Chu <[email protected]>
Date: Mon Sep 16 14:14:10 2013 -0700
Fix OpenLDAP partition configs
Update to use LMDB backend, BDB is deprecated
Update to support DomainDNSZones and ForestDNSZones partitions.
Signed-off-by: Howard Chu <[email protected]>
Reviewed-by: Andrew Bartlett <[email protected]>
commit f2bccebd913f023e3d99282be4e831d012cd3578
Author: Andrew Bartlett <[email protected]>
Date: Mon Sep 16 14:22:53 2013 -0700
lib/ldb-samba/ldb_ildap: Also skip special base DNs
This is so we do not search for @REPLCHANGED against ldap
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Nadezhda Ivanova <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
lib/ldb-samba/ldb_ildap.c | 3 ++
lib/ldb/ldb_map/ldb_map_outbound.c | 35 +++++++++++------------
python/samba/provision/backend.py | 22 +++++++++++++++
source4/setup/slapd.conf | 53 +++++++++++++++++++++++++++++++++--
4 files changed, 92 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb-samba/ldb_ildap.c b/lib/ldb-samba/ldb_ildap.c
index 3c28690..18853eb 100644
--- a/lib/ldb-samba/ldb_ildap.c
+++ b/lib/ldb-samba/ldb_ildap.c
@@ -681,6 +681,9 @@ static bool ildb_dn_is_special(struct ldb_request *req)
struct ldb_dn *dn = NULL;
switch (req->operation) {
+ case LDB_SEARCH:
+ dn = req->op.search.base;
+ break;
case LDB_ADD:
dn = req->op.add.message->dn;
break;
diff --git a/lib/ldb/ldb_map/ldb_map_outbound.c
b/lib/ldb/ldb_map/ldb_map_outbound.c
index 2c517a6..c6c86e3 100644
--- a/lib/ldb/ldb_map/ldb_map_outbound.c
+++ b/lib/ldb/ldb_map/ldb_map_outbound.c
@@ -195,7 +195,7 @@ static int ldb_msg_replace(struct ldb_message *msg, const
struct ldb_message_ele
/* no local result, add as new element */
if (old == NULL) {
if (ldb_msg_add_empty(msg, el->name, 0, &old) != 0) {
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
talloc_free(discard_const_p(char, old->name));
}
@@ -205,10 +205,10 @@ static int ldb_msg_replace(struct ldb_message *msg, const
struct ldb_message_ele
/* and make sure we reference the contents */
if (!talloc_reference(msg->elements, el->name)) {
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
if (!talloc_reference(msg->elements, el->values)) {
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
return 0;
@@ -480,7 +480,7 @@ static int map_reply_remote(struct map_context *ac, struct
ldb_reply *ares)
msg = ldb_msg_new(ares);
if (msg == NULL) {
map_oom(ac->module);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
/* Merge remote message into new message */
@@ -494,7 +494,7 @@ static int map_reply_remote(struct map_context *ac, struct
ldb_reply *ares)
dn = ldb_dn_map_rebase_remote(ac->module, msg, ares->message->dn);
if (dn == NULL) {
talloc_free(msg);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
msg->dn = dn;
@@ -581,7 +581,7 @@ static int map_subtree_select_local_not(struct ldb_module
*module, void *mem_ctx
*new = talloc_memdup(mem_ctx, tree, sizeof(struct ldb_parse_tree));
if (*new == NULL) {
map_oom(module);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
/* Generate new subtree */
@@ -613,7 +613,7 @@ static int map_subtree_select_local_list(struct ldb_module
*module, void *mem_ct
*new = talloc_memdup(mem_ctx, tree, sizeof(struct ldb_parse_tree));
if (*new == NULL) {
map_oom(module);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
/* Prepare list of subtrees */
@@ -622,7 +622,7 @@ static int map_subtree_select_local_list(struct ldb_module
*module, void *mem_ct
if ((*new)->u.list.elements == NULL) {
map_oom(module);
talloc_free(*new);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
/* Generate new list of subtrees */
@@ -662,7 +662,7 @@ static int map_subtree_select_local_simple(struct
ldb_module *module, void *mem_
*new = talloc_memdup(mem_ctx, tree, sizeof(struct ldb_parse_tree));
if (*new == NULL) {
map_oom(module);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
return 0;
@@ -705,7 +705,7 @@ static int map_subtree_collect_remote_not(struct ldb_module
*module, void *mem_c
*new = talloc_memdup(mem_ctx, tree, sizeof(struct ldb_parse_tree));
if (*new == NULL) {
map_oom(module);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
/* Generate new subtree */
@@ -737,7 +737,7 @@ static int map_subtree_collect_remote_list(struct
ldb_module *module, void *mem_
*new = talloc_memdup(mem_ctx, tree, sizeof(struct ldb_parse_tree));
if (*new == NULL) {
map_oom(module);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
/* Prepare list of subtrees */
@@ -746,7 +746,7 @@ static int map_subtree_collect_remote_list(struct
ldb_module *module, void *mem_
if ((*new)->u.list.elements == NULL) {
map_oom(module);
talloc_free(*new);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
/* Generate new list of subtrees */
@@ -788,7 +788,7 @@ int map_subtree_collect_remote_simple(struct ldb_module
*module, void *mem_ctx,
*new = talloc(mem_ctx, struct ldb_parse_tree);
if (*new == NULL) {
map_oom(module);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
**new = *tree;
@@ -825,7 +825,7 @@ int map_subtree_collect_remote_simple(struct ldb_module
*module, void *mem_ctx,
break;
default: /* unknown kind of simple subtree */
talloc_free(*new);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
if (attr == NULL) {
@@ -880,7 +880,7 @@ int map_subtree_collect_remote_simple(struct ldb_module
*module, void *mem_ctx,
break;
default: /* unknown kind of simple subtree */
talloc_free(*new);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
return 0;
@@ -1031,7 +1031,7 @@ done:
oom:
map_oom(module);
- return -1;
+ return LDB_ERR_OPERATIONS_ERROR;
}
@@ -1264,8 +1264,7 @@ static int map_remote_search_callback(struct ldb_request
*req,
if (ret != LDB_SUCCESS) {
talloc_free(ares);
- return ldb_module_done(ac->req, NULL, NULL,
- LDB_ERR_OPERATIONS_ERROR);
+ return ldb_module_done(ac->req, NULL, NULL, ret);
}
break;
diff --git a/python/samba/provision/backend.py
b/python/samba/provision/backend.py
index b50055d..58aab98 100644
--- a/python/samba/provision/backend.py
+++ b/python/samba/provision/backend.py
@@ -417,6 +417,8 @@ class OpenLDAPBackend(LDAPBackend):
mmr_serverids_config = ""
mmr_syncrepl_schema_config = ""
mmr_syncrepl_config_config = ""
+ mmr_syncrepl_domaindns_config = ""
+ mmr_syncrepl_forestdns_config = ""
mmr_syncrepl_user_config = ""
if self.ol_mmr_urls is not None:
@@ -456,6 +458,22 @@ class OpenLDAPBackend(LDAPBackend):
"MMR_PASSWORD": mmr_pass})
rid = rid + 1
+ mmr_syncrepl_domaindns_config += read_and_sub_file(
+ setup_path("mmr_syncrepl.conf"), {
+ "RID" : str(rid),
+ "MMRDN": "dc=DomainDNSZones," + self.names.domaindn,
+ "LDAPSERVER" : url,
+ "MMR_PASSWORD": mmr_pass})
+
+ rid = rid + 1
+ mmr_syncrepl_forestdns_config += read_and_sub_file(
+ setup_path("mmr_syncrepl.conf"), {
+ "RID" : str(rid),
+ "MMRDN": "dc=ForestDNSZones," + self.names.domaindn,
+ "LDAPSERVER" : url,
+ "MMR_PASSWORD": mmr_pass})
+
+ rid = rid + 1
mmr_syncrepl_user_config += read_and_sub_file(
setup_path("mmr_syncrepl.conf"), {
"RID" : str(rid),
@@ -508,6 +526,8 @@ class OpenLDAPBackend(LDAPBackend):
"MMR_SERVERIDS_CONFIG": mmr_serverids_config,
"MMR_SYNCREPL_SCHEMA_CONFIG": mmr_syncrepl_schema_config,
"MMR_SYNCREPL_CONFIG_CONFIG": mmr_syncrepl_config_config,
+ "MMR_SYNCREPL_DOMAINDNS_CONFIG":
mmr_syncrepl_domaindns_config,
+ "MMR_SYNCREPL_FORESTDNS_CONFIG":
mmr_syncrepl_forestdns_config,
"MMR_SYNCREPL_USER_CONFIG": mmr_syncrepl_user_config,
"OLC_SYNCREPL_CONFIG": olc_syncrepl_config,
"OLC_MMR_CONFIG": olc_mmr_config,
@@ -515,6 +535,8 @@ class OpenLDAPBackend(LDAPBackend):
"INDEX_CONFIG": index_config,
"NOSYNC": nosync_config})
+ self.setup_db_config(os.path.join(self.ldapdir, "db", "forestdns"))
+ self.setup_db_config(os.path.join(self.ldapdir, "db", "domaindns"))
self.setup_db_config(os.path.join(self.ldapdir, "db", "user"))
self.setup_db_config(os.path.join(self.ldapdir, "db", "config"))
self.setup_db_config(os.path.join(self.ldapdir, "db", "schema"))
diff --git a/source4/setup/slapd.conf b/source4/setup/slapd.conf
index c2d92ec..2eb65a3 100644
--- a/source4/setup/slapd.conf
+++ b/source4/setup/slapd.conf
@@ -81,12 +81,13 @@ access to dn.sub="cn=config"
########################################
### cn=schema ###
-database hdb
+database mdb
suffix ${SCHEMADN}
rootdn cn=Manager,${SCHEMADN}
directory ${LDAPDIR}/db/schema
${NOSYNC}
${INDEX_CONFIG}
+maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
@@ -102,12 +103,13 @@ ${MIRRORMODE}
#########################################
### cn=config ###
-database hdb
+database mdb
suffix ${CONFIGDN}
rootdn cn=Manager,${CONFIGDN}
directory ${LDAPDIR}/db/config
${NOSYNC}
${INDEX_CONFIG}
+maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
@@ -122,13 +124,58 @@ ${MMR_SYNCREPL_CONFIG_CONFIG}
${MIRRORMODE}
########################################
+### domaindns
+database mdb
+suffix dc=domaindnszones,${DOMAINDN}
+rootdn cn=Manager,${DOMAINDN}
+directory ${LDAPDIR}/db/domaindns
+${NOSYNC}
+${INDEX_CONFIG}
+maxsize 1073741824
+
+#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
+#We need this for the contextCSN attribute and mmr.
+overlay syncprov
+syncprov-sessionlog 100
+syncprov-checkpoint 100 10
+
+overlay rdnval
+
+### Multimaster-Replication of domainDNS context ###
+${MMR_SYNCREPL_DOMAINDNS_CONFIG}
+${MIRRORMODE}
+
+########################################
+### forestdns ###
+database mdb
+suffix dc=forestdnszones,${DOMAINDN}
+rootdn cn=Manager,${DOMAINDN}
+directory ${LDAPDIR}/db/forestdns
+${NOSYNC}
+${INDEX_CONFIG}
+maxsize 1073741824
+
+#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
+#We need this for the contextCSN attribute and mmr.
+overlay syncprov
+syncprov-sessionlog 100
+syncprov-checkpoint 100 10
+
+overlay rdnval
+
+### Multimaster-Replication of forestDNS context ###
+${MMR_SYNCREPL_FORESTDNS_CONFIG}
+${MIRRORMODE}
+
+########################################
### cn=users /base-dn ###
-database hdb
+database mdb
suffix ${DOMAINDN}
rootdn cn=Manager,${DOMAINDN}
directory ${LDAPDIR}/db/user
${NOSYNC}
${INDEX_CONFIG}
+maxsize 1073741824
#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
#We need this for the contextCSN attribute and mmr.
--
Samba Shared Repository
