[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Wed Jul 20 20:59:03 MDT 2011
The branch, master has been updated
via 7f9d45b samba-tool: make sure we exit with an error on a bad command
via 6e82e20 dbcheck: mark the dbcheck as known-fail
via e593939 samba-tool: fixed some more calls to samba_tool join to be 'domain join'
via 2cfe528 s4-selftest: added undump.sh script
via e01f310 tdb: remove 'EOF' print from tdbrestore
via 6257994 dbcheck: use string DN in delete when fixing broken strings DNs
via a656b18 s4-provision: run dbcheck on a minimal set of objects in provision
via a2c4258 s4-kcc: use dsdb_delete() instead of ldb_delete()
via 114377a s4-dsdb: added dsdb_delete() function
via a36af1a pyldb: use dn.is_child_of() instead of dn.compare_base()
via 9117a2f samba_backup: check that directory really exists
via fa194c3 tests: Add alpha13 dumped provision
via 72ca5c3 s4-dsdb: Use controls provided during the request while searching for object to delete
via 6362c9c s4-dsdb: check group membership only for non deleted objects
via 76b1657 s4-dsdb: change the samba3sam test to add the show_deleted module
via 3f6df9f pyldb: add unit test for ldbDn.compare_base
via 521556c ldb-python: add a function to Dn object to compare the Dn with a base DN
via 930fa1e update/add my copyright
via 9a1dd24 s4-dsdb: In rootdse add extended dn info on all values for a given attribute
via 245f4b2 s4-dsdb: add dsdb_module_extended function similar to other dsdb_module_* functions
via b1ffe82 s4-schema: add systemFlags to dsdb classes objects
via 88df1da s4-test: don't fix broken objects during dbcheck test
via bba7dc5 dbcheck: test the --reindex option
via 190ec87 s4-test: added dbcheck run to test suite
via a8cba72 samba-tool: nicer error in passwordsettings with no settings
via bfd94a1 samba-tool: testparm doesn't take any credentials
via 7d39937 samba-tool: use 'exportkeytab' instead of 'dumpkeys'
via 6e7b8aa samba-tool: Fix __doc_ in base classes
via 5f5eb1b samba-tool: removed synopsis code in base class
via 452e509 samba-tool: Fixed bugs to determine min and max # of allowed arguments
via f03a059 samba-tool: Improved --help functionality
via a2e2c13 samba-tool: fixed __doc__ in base classes
via 903ec44 samba-tool: Fix error handling in SuperCommand class
via 8e0a860 samba-tool: improved Option list for all user commands
via 7c8b53a samba-tool: added error handling for the user command
via a10e231 samba-tool: fixed drs commands synopsis
via 57b796d samba-tool: fixed samba-tool user syntax
via f1a079f samba-tool: fixed synopsis on user commands
via c9bf702 samba-tool: fixed synopsis on all "user" commands
via f6fa868 samba-tool: moved takes_optiongroups definition to Command base class
via 1dfcb01 samba-tool: removed the assignment to parser.prog
via 35d534b samba-tool: fixed prog name in samba-tool
via df6fae2 samba-tool: update vampire.py message
via b8b20f7 samba-tool: removed join as it has been replaced by domain join
via 2cca4a4 samba-tool: moved join to domain join
via 9f32f86 samba-tool: updated test suite for the new domain dumpkeys option
via 8f274af samba-tool: removed export as it has been moved to domain dumpkeys
via c049b14 samba-tool: moved export to domain dumpkeys
via eb259a6 samba-tool: updated test suite to reflect the move from domainlevel to domain level
via 0cef2bf samba-tool: removed domainlevel as it has been moved to domain level
via 2d4988c samba-tool: moved domainlevel to domain level
via e573037 samba-tool: removed machinepw as it has been moved to domain machinepassword
via 41b2b7e samba-tool: moved machinepw to domain machinepassword
via 8c7718a samba-tool: update test suite for the new domain object
via 34f7492 samba-tool: removed pwsettings
via e5255f0 samba-tool: created domain object, moved pwsettings to user passwordsettings
via c4a9229 samba-tool: update test suite for add setpassword
via 5720143 samba-tool: removed setpassword.py
via ff7f323 samba-tool: added setpassword to user
via 30ba5d0 samba-tool: fix summary of the fsmo command to be clearer
from d622cad s3-torture: run_simple_posix_open_test(): replace cli_read_old() with cli_read()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7f9d45bf10d36b1b443305e0f2e79cb448b98cbd
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Jul 21 10:29:21 2011 +1000
samba-tool: make sure we exit with an error on a bad command
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
Autobuild-User: Andrew Tridgell <tridge at samba.org>
Autobuild-Date: Thu Jul 21 04:58:01 CEST 2011 on sn-devel-104
commit 6e82e208312c5a2dd870459041b9f2d756ab9ac9
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Jul 19 12:57:59 2011 +1000
dbcheck: mark the dbcheck as known-fail
this will fail till we correctly update backlinks to deleted objects
commit e593939da1412bc8596027b05896c460bed244f8
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Jul 19 12:54:37 2011 +1000
samba-tool: fixed some more calls to samba_tool join to be 'domain join'
commit 2cfe528ab684c74e65e6f2617390fcd33e6baac4
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Jul 14 14:03:53 2011 +1000
s4-selftest: added undump.sh script
used to unpack a dumped set of provision files for selftest
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit e01f3108ff447239fb3cb2f89b4749c5f7b88c3b
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Jul 14 14:03:15 2011 +1000
tdb: remove 'EOF' print from tdbrestore
the EOF message is pointless, and makes for noisy scripts
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 6257994848dd71784445222d67077ea52ced61f3
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Jul 14 14:02:38 2011 +1000
dbcheck: use string DN in delete when fixing broken strings DNs
this prevents the extended_dn_in module from 'fixing' the DN for us
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit a656b189b8e9b7d111fd8c4760107ea3ca4488f5
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Jul 14 13:35:14 2011 +1000
s4-provision: run dbcheck on a minimal set of objects in provision
this speeds up the dbcheck in provision to fix only the objects that
we know will need fixing
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit a2c425858b6bbc9756adba46d90fdfa6004c2ac2
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Jul 14 13:18:48 2011 +1000
s4-kcc: use dsdb_delete() instead of ldb_delete()
this adds the DSDB_SEARCH_SHOW_DELETED flag, which fixes deletion of
deleted objects
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 114377a91f3bf823ebd066e36a9bc0d16df4eff2
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Jul 14 13:18:17 2011 +1000
s4-dsdb: added dsdb_delete() function
this gives us a delete function that takes the standard set of dsdb
flags
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit a36af1a5011dddd5551c768f9bf69188c8775a43
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Jul 14 13:17:49 2011 +1000
pyldb: use dn.is_child_of() instead of dn.compare_base()
the compare_base() C API doesn't really fit well in python, as it
returns 0 for true. Better to have a boolean function for the python
interface.
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 9117a2fa3c5f6b6d16aefc9652670a2b5e878e7c
Author: Matthieu Patou <mat at matws.net>
Date: Sun Jun 12 00:40:31 2011 +0400
samba_backup: check that directory really exists
commit fa194c33b2963c84b406beb1008b8de565b531b6
Author: Matthieu Patou <mat at matws.net>
Date: Thu Jun 9 01:01:25 2011 +0400
tests: Add alpha13 dumped provision
commit 72ca5c39c9a911791af3d0abb8a146093b5e3e67
Author: Matthieu Patou <mat at matws.net>
Date: Wed Jun 8 12:20:32 2011 +0400
s4-dsdb: Use controls provided during the request while searching for object to delete
If the parent request specify the show_deleted control we must use it in
order to be able to see the deleted objects.
Also we just allow to trusted connections with the system account to
remove deleted objects, others receive an unwilling to perform.
commit 6362c9c30d213381c5b51783d4842bf83de5074b
Author: Matthieu Patou <mat at matws.net>
Date: Sun Jun 5 00:42:35 2011 +0400
s4-dsdb: check group membership only for non deleted objects
Group membership has been already removed on deleted objects so there is
no mean doing something on this kind of object.
commit 76b165778d6632a011fa96688c29167ee5e20921
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Jul 20 15:31:42 2011 +1000
s4-dsdb: change the samba3sam test to add the show_deleted module
this is needed now that the samldb module adds the show deleted
control
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 3f6df9f9e33266ba2f383dde17ed6f9de7dd54c9
Author: Matthieu Patou <mat at matws.net>
Date: Sat Jun 11 18:31:28 2011 +0400
pyldb: add unit test for ldbDn.compare_base
commit 521556ceed19fdba534e05859b7372c2422c7d98
Author: Matthieu Patou <mat at matws.net>
Date: Tue May 24 01:30:15 2011 +0400
ldb-python: add a function to Dn object to compare the Dn with a base DN
commit 930fa1ee46c8c129a31639ca2eb73be28ae6d0dd
Author: Matthieu Patou <mat at matws.net>
Date: Sun May 22 23:41:56 2011 +0400
update/add my copyright
commit 9a1dd24ced168b837c0e384d0c9519530eb8530c
Author: Matthieu Patou <mat at matws.net>
Date: Fri May 13 13:31:13 2011 +0400
s4-dsdb: In rootdse add extended dn info on all values for a given attribute
And not only on the fist value as it was the case up to this changeset.
commit 245f4b22f4c4efc4f9a71bbbb5f46416a7f118ab
Author: Matthieu Patou <mat at matws.net>
Date: Sat May 14 00:26:26 2011 +0400
s4-dsdb: add dsdb_module_extended function similar to other dsdb_module_* functions
commit b1ffe82facfbbde118e03d09a057645dbab4cd4e
Author: Matthieu Patou <mat at matws.net>
Date: Tue May 3 20:38:13 2011 +0400
s4-schema: add systemFlags to dsdb classes objects
commit 88df1da2b203e6e7e2022aa0ea88c63acad62ed9
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Jul 13 19:37:42 2011 +1000
s4-test: don't fix broken objects during dbcheck test
this leaves the database as-is, which makes it easier to examine the
problem
commit bba7dc50927ae572a9a1897896867c24343e45d5
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Jul 13 17:26:59 2011 +1000
dbcheck: test the --reindex option
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 190ec8796409870d5af2bcd53482cd56cd73f33e
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Jul 13 10:50:24 2011 +1000
s4-test: added dbcheck run to test suite
This should catch corruption that happens during a test run
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit a8cba72119987803a806c3e05f3b5ac3c1be755d
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Jul 19 11:39:52 2011 +1000
samba-tool: nicer error in passwordsettings with no settings
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit bfd94a1515ccb93d1e11b370ada5afc095982307
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Jul 19 11:19:59 2011 +1000
samba-tool: testparm doesn't take any credentials
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 7d399376b89b13417f7b1382259478bf82ae91c3
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Jul 19 11:03:44 2011 +1000
samba-tool: use 'exportkeytab' instead of 'dumpkeys'
a 'keytab' is a particular format known to administrators, whereas
'keys' is a bit too vague
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 6e7b8aaf1d7b64df07fe2cbc731addd59be8e2d8
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jul 18 18:34:45 2011 -0400
samba-tool: Fix __doc_ in base classes
Changed prog to samba-tool as prog is only meaningful in Parser
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 5f5eb1b00385fe1643dd5496c61954768fee3818
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jul 18 17:46:02 2011 -0400
samba-tool: removed synopsis code in base class
As it is not always possible to determine the usage of a command solely based on the list of required and optional args, it is best
to have the subclasses always define it, rather than displaying an incorrect usage statement. Currently, all commands are subclassing the synopsis.
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 452e50919efcd5d92df2bfad48ef106cd75ebad9
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jul 18 16:48:03 2011 -0400
samba-tool: Fixed bugs to determine min and max # of allowed arguments
Fixed the bugs in the code to determine both the min and the max # of allowed arguments
Changed the argument suffix convention from "*" to "+" to represent one or more arguments as:
1. It follows the Regular expression convention ("*" means 0 or more)
2. It is what was missing in terms of functionality
NB Currently, no command is using the "*/+", but it is a good thing to have to help out the validation of the args if/when in the future
we have such need
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit f03a059814ab757a112ea4504ffe8b933a905e3d
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jul 18 15:45:39 2011 -0400
samba-tool: Improved --help functionality
Added a new --help msg
Return an error when no subcommand is specified
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit a2e2c130b0472c7d44d6e9d6e98b9f88853bef7b
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jul 18 11:50:48 2011 -0400
samba-tool: fixed __doc__ in base classes
Replaced the "net" word with %prog in all instances
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 903ec440c40bcbf040fc01cab339e42cbf3fdf5c
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jul 18 11:30:23 2011 -0400
samba-tool: Fix error handling in SuperCommand class
Created show_command_error method to handle errors in SuperCommand
Removed statement in SuperCommand to raise exception
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 8e0a86056139281b2e1ad7763e51cf804e38a77e
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jul 18 10:03:16 2011 -0400
samba-tool: improved Option list for all user commands
Added metavar values for -H and added some default values for other options
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 7c8b53a49ed5fc6d811eafe15ffd247d06404946
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Fri Jul 15 15:23:36 2011 -0400
samba-tool: added error handling for the user command
Caught exception whenever possible, added new check for newpassword to make sure it contains some chars
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit a10e231b3b21a69783d97170652b95c547d4a44c
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Fri Jul 15 14:20:03 2011 -0400
samba-tool: fixed drs commands synopsis
Added [options] as needed
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 57b796d4353d3fde7b47d4c008e9dfe136008fac
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Jul 21 10:29:40 2011 +1000
samba-tool: fixed samba-tool user syntax
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit f1a079f8dd3a783fa8f7ab40290457400232c308
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Fri Jul 15 13:58:00 2011 -0400
samba-tool: fixed synopsis on user commands
Fixed all synopsis to contain [options], filter, and username
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit c9bf7022fd9a20abf5d75bb7543f132203566ab8
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Fri Jul 15 13:46:27 2011 -0400
samba-tool: fixed synopsis on all "user" commands
Added [options] where needed, fixed others where filter or username was needed, renamed name to username
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit f6fa8684896b8f3f9f8b7bd3742c99906973274c
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Fri Jul 15 12:07:03 2011 -0400
samba-tool: moved takes_optiongroups definition to Command base class
The option groups should be defined at the Command base class level as they are in common across all samba-tool commands.
Major move advantages:
1. more OOP approach
2. enforcing consistency across commands
3. avoiding the need of declaring for every new command
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 1dfcb019d2dcca1d21ec32ee05bf7da15ca84e9f
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Fri Jul 15 09:47:51 2011 -0400
samba-tool: removed the assignment to parser.prog
The prog should only be set if we want it to be different than the name of the program that executed it. I think that for better portability we should not set it and let it default to samba-tool.
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 35d534b02645e51d45472ca696cc8d92be7836fa
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Wed Jul 6 14:13:39 2011 -0400
samba-tool: fixed prog name in samba-tool
Changed the prog name from net to samba-tool so that the usage statement is now correct
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit df6fae2f138269578531f833c86859795785cd73
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Tue Jun 28 15:14:16 2011 -0400
samba-tool: update vampire.py message
The update was necessary to reflect the move from join to domain join as part of the object-action work
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit b8b20f7a46c2460acf9e32849efdb610b0d97cb1
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Tue Jun 28 15:09:04 2011 -0400
samba-tool: removed join as it has been replaced by domain join
This is part of the samba-tool work to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 2cca4a44fe7247af85110c9b7e3c64363464bfd4
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Tue Jun 28 15:06:41 2011 -0400
samba-tool: moved join to domain join
This is part of the samba-tool work to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 9f32f86018ac6463586bcac74424730a1aa9ac3b
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Tue Jun 28 12:29:09 2011 -0400
samba-tool: updated test suite for the new domain dumpkeys option
The test suite has been changed to reflect the move from export to "domain dumpkeys" to reflect the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 8f274af3f851a31308b3f55b932e6d579fd66023
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Tue Jun 28 12:22:39 2011 -0400
samba-tool: removed export as it has been moved to domain dumpkeys
The functionality of export has been moved to domain dumpkeys to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit c049b14dc19c01393d6837532e5bf4f2faeb4bbe
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Tue Jun 28 12:19:08 2011 -0400
samba-tool: moved export to domain dumpkeys
This is part of the samba-tool work to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit eb259a676db27ff43fc8d59f05a7f6698b8adec7
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Tue Jun 28 11:53:15 2011 -0400
samba-tool: updated test suite to reflect the move from domainlevel to domain level
The test suite needs to reflect the change from domailevel to "domain level" to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 0cef2bff9cf0bea695898bd8237613cfa2b2e7f8
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Tue Jun 28 11:48:13 2011 -0400
samba-tool: removed domainlevel as it has been moved to domain level
The functionality of domainlevel has been moved the "domain level" to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 2d4988c3d79e501003875cd26b7f9aaa72402b31
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Tue Jun 28 11:41:39 2011 -0400
samba-tool: moved domainlevel to domain level
This is part of the samba-tool work to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit e573037ac547905d1e57b22602bcfce55889dde7
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jun 27 17:06:35 2011 -0400
samba-tool: removed machinepw as it has been moved to domain machinepassword
The functionality of machinepwd has been moved to "domain machinepassword" to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 41b2b7e160c57a969c27a60f71c091d9c70bfd42
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jun 27 17:04:10 2011 -0400
samba-tool: moved machinepw to domain machinepassword
This is part of the samba-tool work to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 8c7718ac16598cc3f1dbb1d0854ef86f614b1f5d
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jun 27 16:49:43 2011 -0400
samba-tool: update test suite for the new domain object
Changed test suite to reflect the changes from setpassword to "domain setpassword" to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 34f7492b1ea2d794fced8d2e3634170f8fa98dff
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jun 27 16:37:26 2011 -0400
samba-tool: removed pwsettings
pwsettings functionality has been moved to user passwordsettings to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit e5255f0920d064a43d8d261889079f068159dba5
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jun 27 16:32:22 2011 -0400
samba-tool: created domain object, moved pwsettings to user passwordsettings
This is part of the samba-tool work to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit c4a92292c127244596795675902176e6483895c7
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jun 27 14:31:34 2011 -0400
samba-tool: update test suite for add setpassword
The test suite needs to change from setpassword to "user setpassword" to reflect the new cmd syntax
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 5720143e860158c2aa79fd0101051574cf20d2ee
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jun 27 13:07:30 2011 -0400
samba-tool: removed setpassword.py
The functionality in setppasword has now been moved to "user setpassword" to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit ff7f3239039e340c39968cb13dda4de85d3f34bb
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Mon Jun 27 12:59:41 2011 -0400
samba-tool: added setpassword to user
This is part of the samba-tool work to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge at samba.org>
commit 30ba5d049091e9ebc76e28c13a8654d4307a7faa
Author: Giampaolo Lauria <lauria2 at yahoo.com>
Date: Wed Jun 15 18:41:02 2011 -0400
samba-tool: fix summary of the fsmo command to be clearer
fsmo command is for general FSMO management
Signed-off-by: Andrew Tridgell <tridge at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/ldb/pyldb.c | 17 +
lib/ldb/tests/python/api.py | 12 +
lib/tdb/tools/tdbrestore.c | 1 -
selftest/target/Samba4.pm | 8 +-
source4/dsdb/common/util.c | 30 +
source4/dsdb/kcc/kcc_deleted.c | 2 +-
source4/dsdb/samdb/ldb_modules/linked_attributes.c | 1 +
source4/dsdb/samdb/ldb_modules/objectclass.c | 14 +-
source4/dsdb/samdb/ldb_modules/rootdse.c | 142 +-
source4/dsdb/samdb/ldb_modules/samldb.c | 11 +-
source4/dsdb/samdb/ldb_modules/util.c | 62 +
source4/dsdb/schema/schema.h | 1 +
source4/dsdb/schema/schema_init.c | 1 +
source4/dsdb/schema/schema_set.c | 1 +
source4/scripting/bin/samba_backup | 12 +-
source4/scripting/devel/drs/vampire_ad.sh | 2 +-
source4/scripting/python/samba/dbchecker.py | 2 +-
source4/scripting/python/samba/netcmd/__init__.py | 79 +-
source4/scripting/python/samba/netcmd/dbcheck.py | 7 +-
.../scripting/python/samba/netcmd/delegation.py | 31 +-
source4/scripting/python/samba/netcmd/domain.py | 500 +
.../scripting/python/samba/netcmd/domainlevel.py | 247 -
source4/scripting/python/samba/netcmd/drs.py | 41 +-
source4/scripting/python/samba/netcmd/dsacl.py | 7 +-
source4/scripting/python/samba/netcmd/export.py | 56 -
source4/scripting/python/samba/netcmd/fsmo.py | 9 +-
source4/scripting/python/samba/netcmd/gpo.py | 13 +-
source4/scripting/python/samba/netcmd/group.py | 25 +-
source4/scripting/python/samba/netcmd/join.py | 78 -
source4/scripting/python/samba/netcmd/ldapcmp.py | 7 +-
source4/scripting/python/samba/netcmd/machinepw.py | 56 -
source4/scripting/python/samba/netcmd/netacl.py | 1 +
source4/scripting/python/samba/netcmd/newuser.py | 7 +-
source4/scripting/python/samba/netcmd/ntacl.py | 13 +-
.../scripting/python/samba/netcmd/pwsettings.py | 197 -
source4/scripting/python/samba/netcmd/rodc.py | 7 +-
.../scripting/python/samba/netcmd/setpassword.py | 80 -
source4/scripting/python/samba/netcmd/spn.py | 18 +-
source4/scripting/python/samba/netcmd/testparm.py | 5 +-
source4/scripting/python/samba/netcmd/time.py | 7 +-
source4/scripting/python/samba/netcmd/user.py | 128 +-
source4/scripting/python/samba/netcmd/vampire.py | 9 +-
.../scripting/python/samba/provision/__init__.py | 12 +-
source4/scripting/python/samba/tests/samba3sam.py | 2 +-
source4/selftest/knownfail | 1 +
.../provisions/alpha13/etc/smb.conf.template | 17 +
.../selftest/provisions/alpha13/private/dns.keytab | Bin 0 -> 370 bytes
.../alpha13/private/dns/alpha13.samba.corp.zone | 50 +
.../provisions/alpha13/private/dns_update_list | 22 +
.../provisions/alpha13/private/eadb.tdb.dump | 96 +
.../provisions/alpha13/private/hklm.ldb.dump | 80 +
.../provisions/alpha13/private/idmap.ldb.dump | 60 +
.../selftest/provisions/alpha13/private/krb5.conf | 17 +
.../selftest/provisions/alpha13/private/named.conf | 38 +
.../provisions/alpha13/private}/named.conf.update | 0
.../selftest/provisions/alpha13/private/named.txt | 46 +
.../alpha13/private/phpldapadmin-config.php | 28 +
.../provisions/alpha13/private/privilege.ldb.dump | 156 +
...FIGURATION,DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump |28924 +++++++++++++
...FIGURATION,DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump |43468 ++++++++++++++++++++
.../sam.ldb.d/DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump | 5876 +++
.../provisions/alpha13/private/sam.ldb.dump | 40 +
.../provisions/alpha13/private/secrets.keytab | Bin 0 -> 298 bytes
.../provisions/alpha13/private/secrets.ldb.dump | 48 +
.../provisions/alpha13/private/share.ldb.dump | 32 +
.../provisions/alpha13/private/spn_update_list | 27 +
.../{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI | 2 +
.../{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI | 2 +
source4/selftest/provisions/undump.sh | 20 +
source4/selftest/quick | 1 +
source4/selftest/tests.py | 3 +
source4/setup/tests/blackbox_newuser.sh | 4 +-
source4/setup/tests/blackbox_setpassword.sh | 6 +-
source4/smb_server/smb/trans2.c | 2 +-
source4/utils/tests/test_samba_tool.sh | 2 +-
testprogs/blackbox/dbcheck.sh | 26 +
testprogs/blackbox/test_export_keytab.sh | 4 +-
testprogs/blackbox/test_kinit.sh | 4 +-
testprogs/blackbox/test_passwords.sh | 16 +-
wintest/test-s4-howto.py | 10 +-
80 files changed, 80006 insertions(+), 1083 deletions(-)
create mode 100644 source4/scripting/python/samba/netcmd/domain.py
delete mode 100644 source4/scripting/python/samba/netcmd/domainlevel.py
delete mode 100644 source4/scripting/python/samba/netcmd/export.py
delete mode 100644 source4/scripting/python/samba/netcmd/join.py
delete mode 100644 source4/scripting/python/samba/netcmd/machinepw.py
delete mode 100644 source4/scripting/python/samba/netcmd/pwsettings.py
delete mode 100644 source4/scripting/python/samba/netcmd/setpassword.py
create mode 100644 source4/selftest/provisions/alpha13/etc/smb.conf.template
create mode 100644 source4/selftest/provisions/alpha13/private/dns.keytab
create mode 100644 source4/selftest/provisions/alpha13/private/dns/alpha13.samba.corp.zone
create mode 100644 source4/selftest/provisions/alpha13/private/dns_update_list
create mode 100644 source4/selftest/provisions/alpha13/private/eadb.tdb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/hklm.ldb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/idmap.ldb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/krb5.conf
create mode 100644 source4/selftest/provisions/alpha13/private/named.conf
copy source4/{setup => selftest/provisions/alpha13/private}/named.conf.update (100%)
create mode 100644 source4/selftest/provisions/alpha13/private/named.txt
create mode 100644 source4/selftest/provisions/alpha13/private/phpldapadmin-config.php
create mode 100644 source4/selftest/provisions/alpha13/private/privilege.ldb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/sam.ldb.d/CN=CONFIGURATION,DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/sam.ldb.d/CN=SCHEMA,CN=CONFIGURATION,DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/sam.ldb.d/DC=ALPHA13,DC=SAMBA,DC=CORP.ldb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/sam.ldb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/secrets.keytab
create mode 100644 source4/selftest/provisions/alpha13/private/secrets.ldb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/share.ldb.dump
create mode 100644 source4/selftest/provisions/alpha13/private/spn_update_list
create mode 100644 source4/selftest/provisions/alpha13/sysvol/alpha13.samba.corp/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI
create mode 100644 source4/selftest/provisions/alpha13/sysvol/alpha13.samba.corp/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}/GPT.INI
create mode 100755 source4/selftest/provisions/undump.sh
create mode 100755 testprogs/blackbox/dbcheck.sh
Changeset truncated at 500 lines:
diff --git a/lib/ldb/pyldb.c b/lib/ldb/pyldb.c
index e2a2e71..adec424 100644
--- a/lib/ldb/pyldb.c
+++ b/lib/ldb/pyldb.c
@@ -522,6 +522,21 @@ static PyObject *py_ldb_dn_add_base(PyLdbDnObject *self, PyObject *args)
return ldb_dn_add_base(dn, other)?Py_True:Py_False;
}
+static PyObject *py_ldb_dn_is_child_of(PyLdbDnObject *self, PyObject *args)
+{
+ PyObject *py_base;
+ struct ldb_dn *dn, *base;
+ if (!PyArg_ParseTuple(args, "O", &py_base))
+ return NULL;
+
+ dn = PyLdbDn_AsDn((PyObject *)self);
+
+ if (!PyObject_AsDn(NULL, py_base, dn_ldb_ctx(dn), &base))
+ return NULL;
+
+ return PyBool_FromLong(ldb_dn_compare_base(base, dn) == 0);
+}
+
static PyMethodDef py_ldb_dn_methods[] = {
{ "validate", (PyCFunction)py_ldb_dn_validate, METH_NOARGS,
"S.validate() -> bool\n"
@@ -540,6 +555,8 @@ static PyMethodDef py_ldb_dn_methods[] = {
{ "canonical_str", (PyCFunction)py_ldb_dn_canonical_str, METH_NOARGS,
"S.canonical_str() -> string\n"
"Canonical version of this DN (like a posix path)." },
+ { "is_child_of", (PyCFunction)py_ldb_dn_is_child_of, METH_VARARGS,
+ "S.is_child_of(basedn) -> int\nReturns True if this DN is a child of basedn\n"},
{ "canonical_ex_str", (PyCFunction)py_ldb_dn_canonical_ex_str, METH_NOARGS,
"S.canonical_ex_str() -> string\n"
"Canonical version of this DN (like a posix path, with terminating newline)." },
diff --git a/lib/ldb/tests/python/api.py b/lib/ldb/tests/python/api.py
index e7658d5..bd10b0b 100755
--- a/lib/ldb/tests/python/api.py
+++ b/lib/ldb/tests/python/api.py
@@ -437,6 +437,18 @@ class DnTests(unittest.TestCase):
x = ldb.Dn(self.ldb, "dc=foo26,bar=bloe")
self.assertEquals("/bloe\nfoo26", x.canonical_ex_str())
+ def test_ldb_is_child_of(self):
+ """Testing ldb_dn_compare_dn"""
+ dn1 = ldb.Dn(self.ldb, "dc=base")
+ dn2 = ldb.Dn(self.ldb, "cn=foo,dc=base")
+ dn3 = ldb.Dn(self.ldb, "cn=bar,dc=base")
+ dn4 = ldb.Dn(self.ldb, "cn=baz,cn=bar,dc=base")
+
+ self.assertTrue(dn2.is_child_of(dn1))
+ self.assertTrue(dn4.is_child_of(dn1))
+ self.assertTrue(dn4.is_child_of(dn3))
+ self.assertFalse(dn3.is_child_of(dn2))
+ self.assertFalse(dn1.is_child_of(dn4))
class LdbMsgTests(unittest.TestCase):
diff --git a/lib/tdb/tools/tdbrestore.c b/lib/tdb/tools/tdbrestore.c
index 1daac63..8106cf9 100644
--- a/lib/tdb/tools/tdbrestore.c
+++ b/lib/tdb/tools/tdbrestore.c
@@ -206,7 +206,6 @@ static int restore_tdb(const char *fname)
fprintf(stderr, "Error closing tdb\n");
return 1;
}
- fprintf(stderr, "EOF\n");
return 0;
}
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 2610232..47f1bad 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -860,7 +860,7 @@ sub provision_member($$$)
my $cmd = "";
$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "$samba_tool join $ret->{CONFIGURATION} $dcvars->{REALM} member";
+ $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} member";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
unless (system($cmd) == 0) {
@@ -928,7 +928,7 @@ sub provision_rpc_proxy($$$)
my $cmd = "";
$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "$samba_tool join $ret->{CONFIGURATION} $dcvars->{REALM} member";
+ $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} member";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
unless (system($cmd) == 0) {
@@ -1012,7 +1012,7 @@ sub provision_vampire_dc($$$)
my $cmd = "";
$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "$samba_tool join $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}";
+ $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
unless (system($cmd) == 0) {
@@ -1184,7 +1184,7 @@ sub provision_rodc($$$)
my $cmd = "";
$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "$samba_tool join $ret->{CONFIGURATION} $dcvars->{REALM} RODC";
+ $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} RODC";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
$cmd .= " --server=$dcvars->{DC_SERVER}";
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 7283405..ae2ca74 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -3723,6 +3723,36 @@ int dsdb_modify(struct ldb_context *ldb, const struct ldb_message *message,
}
/*
+ a delete with a set of flags
+*/
+int dsdb_delete(struct ldb_context *ldb, const struct ldb_dn *dn,
+ uint32_t dsdb_flags)
+{
+ struct ldb_request *req;
+ int ret;
+
+ ret = ldb_build_del_req(&req, ldb, ldb,
+ dn,
+ NULL,
+ NULL,
+ ldb_op_default_callback,
+ NULL);
+
+ if (ret != LDB_SUCCESS) return ret;
+
+ ret = dsdb_request_add_controls(req, dsdb_flags);
+ if (ret != LDB_SUCCESS) {
+ talloc_free(req);
+ return ret;
+ }
+
+ ret = dsdb_autotransaction_request(ldb, req);
+
+ talloc_free(req);
+ return ret;
+}
+
+/*
like dsdb_modify() but set all the element flags to
LDB_FLAG_MOD_REPLACE
*/
diff --git a/source4/dsdb/kcc/kcc_deleted.c b/source4/dsdb/kcc/kcc_deleted.c
index 35f538d..5d2585d 100644
--- a/source4/dsdb/kcc/kcc_deleted.c
+++ b/source4/dsdb/kcc/kcc_deleted.c
@@ -89,7 +89,7 @@ NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s, TALLOC_CTX *mem_ctx)
whenChanged = ldb_string_to_time(tstring);
}
if (t - whenChanged > tombstoneLifetime*60*60*24) {
- ret = ldb_delete(s->samdb, res->msgs[i]->dn);
+ ret = dsdb_delete(s->samdb, res->msgs[i]->dn, DSDB_SEARCH_SHOW_DELETED);
if (ret != LDB_SUCCESS) {
DEBUG(1,(__location__ ": Failed to remove deleted object %s\n",
ldb_dn_get_linearized(res->msgs[i]->dn)));
diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
index 6948800..cc6a489 100644
--- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -3,6 +3,7 @@
Copyright (C) Andrew Bartlett <abartlet at samba.org> 2007
Copyright (C) Simo Sorce <idra at samba.org> 2008
+ Copyright (C) Matthieu Patou <mat at matws.net> 2011
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index fd39937..7ae90d3 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -1419,6 +1419,7 @@ static int objectclass_delete(struct ldb_module *module, struct ldb_request *req
{
static const char * const attrs[] = { "nCName", "objectClass",
"systemFlags",
+ "isDeleted",
"isCriticalSystemObject", NULL };
struct ldb_context *ldb;
struct ldb_request *search_req;
@@ -1450,7 +1451,7 @@ static int objectclass_delete(struct ldb_module *module, struct ldb_request *req
ret = ldb_build_search_req(&search_req, ldb,
ac, req->op.del.dn, LDB_SCOPE_BASE,
"(objectClass=*)",
- attrs, NULL,
+ attrs, req->controls,
ac, get_search_callback,
req);
LDB_REQ_SET_LOCATION(search_req);
@@ -1505,6 +1506,17 @@ static int objectclass_do_delete(struct oc_context *ac)
talloc_free(dn);
}
+ /* Only trusted request from system account are allowed to delete
+ * deleted objects.
+ */
+ if (ldb_msg_check_string_attribute(ac->search_res->message, "isDeleted", "TRUE") &&
+ (ldb_req_is_untrusted(ac->req) ||
+ !dsdb_module_am_system(ac->module))) {
+ ldb_asprintf_errstring(ldb, "Delete of '%s' failed",
+ ldb_dn_get_linearized(ac->req->op.del.dn));
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+
/* crossRef objects regarding config, schema and default domain NCs */
if (samdb_find_attribute(ldb, ac->search_res->message, "objectClass",
"crossRef") != NULL) {
diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c
index c584a11..2499e82 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -5,6 +5,7 @@
Copyright (C) Andrew Tridgell 2005
Copyright (C) Simo Sorce 2005-2008
+ Copyright (C) Matthieu Patou <mat at matws.net> 2011
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -76,6 +77,8 @@ static int expand_dn_in_message(struct ldb_module *module, struct ldb_message *m
TALLOC_CTX *tmp_ctx = talloc_new(req);
struct ldb_context *ldb;
int edn_type = 0;
+ unsigned int i;
+ struct ldb_message_element *el;
ldb = ldb_module_get_ctx(module);
@@ -84,76 +87,83 @@ static int expand_dn_in_message(struct ldb_module *module, struct ldb_message *m
edn_type = edn->type;
}
- v = discard_const_p(struct ldb_val, ldb_msg_find_ldb_val(msg, attrname));
- if (v == NULL) {
- talloc_free(tmp_ctx);
+ el = ldb_msg_find_element(msg, attrname);
+ if (!el || el->num_values == 0) {
return LDB_SUCCESS;
}
- dn_string = talloc_strndup(tmp_ctx, (const char *)v->data, v->length);
- if (dn_string == NULL) {
- talloc_free(tmp_ctx);
- return ldb_operr(ldb);
- }
+ for (i = 0; i < el->num_values; i++) {
+ v = &el->values[i];
+ if (v == NULL) {
+ talloc_free(tmp_ctx);
+ return LDB_SUCCESS;
+ }
- res = talloc_zero(tmp_ctx, struct ldb_result);
- if (res == NULL) {
- talloc_free(tmp_ctx);
- return ldb_operr(ldb);
- }
+ dn_string = talloc_strndup(tmp_ctx, (const char *)v->data, v->length);
+ if (dn_string == NULL) {
+ talloc_free(tmp_ctx);
+ return ldb_operr(ldb);
+ }
- dn = ldb_dn_new(tmp_ctx, ldb, dn_string);
- if (dn == NULL) {
- talloc_free(tmp_ctx);
- return ldb_operr(ldb);
- }
+ res = talloc_zero(tmp_ctx, struct ldb_result);
+ if (res == NULL) {
+ talloc_free(tmp_ctx);
+ return ldb_operr(ldb);
+ }
- ret = ldb_build_search_req(&req2, ldb, tmp_ctx,
- dn,
- LDB_SCOPE_BASE,
- NULL,
- no_attrs,
- NULL,
- res, ldb_search_default_callback,
- req);
- LDB_REQ_SET_LOCATION(req2);
- if (ret != LDB_SUCCESS) {
- talloc_free(tmp_ctx);
- return ret;
- }
+ dn = ldb_dn_new(tmp_ctx, ldb, dn_string);
+ if (dn == NULL) {
+ talloc_free(tmp_ctx);
+ return ldb_operr(ldb);
+ }
+
+ ret = ldb_build_search_req(&req2, ldb, tmp_ctx,
+ dn,
+ LDB_SCOPE_BASE,
+ NULL,
+ no_attrs,
+ NULL,
+ res, ldb_search_default_callback,
+ req);
+ LDB_REQ_SET_LOCATION(req2);
+ if (ret != LDB_SUCCESS) {
+ talloc_free(tmp_ctx);
+ return ret;
+ }
- ret = ldb_request_add_control(req2,
- LDB_CONTROL_EXTENDED_DN_OID,
- edn_control->critical, edn);
- if (ret != LDB_SUCCESS) {
- talloc_free(tmp_ctx);
- return ret;
- }
+ ret = ldb_request_add_control(req2,
+ LDB_CONTROL_EXTENDED_DN_OID,
+ edn_control->critical, edn);
+ if (ret != LDB_SUCCESS) {
+ talloc_free(tmp_ctx);
+ return ldb_error(ldb, ret, "Failed to add control");
+ }
- ret = ldb_next_request(module, req2);
- if (ret == LDB_SUCCESS) {
- ret = ldb_wait(req2->handle, LDB_WAIT_ALL);
- }
- if (ret != LDB_SUCCESS) {
- talloc_free(tmp_ctx);
- return ret;
- }
+ ret = ldb_next_request(module, req2);
+ if (ret == LDB_SUCCESS) {
+ ret = ldb_wait(req2->handle, LDB_WAIT_ALL);
+ }
- if (!res || res->count != 1) {
- talloc_free(tmp_ctx);
- return ldb_operr(ldb);
- }
+ if (ret != LDB_SUCCESS) {
+ talloc_free(tmp_ctx);
+ return ret;
+ }
- dn2 = res->msgs[0]->dn;
+ if (!res || res->count != 1) {
+ talloc_free(tmp_ctx);
+ return ldb_operr(ldb);
+ }
- v->data = (uint8_t *)ldb_dn_get_extended_linearized(msg->elements, dn2, edn_type);
- if (v->data == NULL) {
- talloc_free(tmp_ctx);
- return ldb_operr(ldb);
- }
- v->length = strlen((char *)v->data);
+ dn2 = res->msgs[0]->dn;
+ v->data = (uint8_t *)ldb_dn_get_extended_linearized(msg->elements, dn2, edn_type);
+ if (v->data == NULL) {
+ talloc_free(tmp_ctx);
+ return ldb_operr(ldb);
+ }
+ v->length = strlen((char *)v->data);
+ }
talloc_free(tmp_ctx);
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 5c94099..6ca3fe8 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -2178,17 +2178,24 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac)
NTSTATUS status;
int ret;
struct ldb_result *res;
- const char *attrs[] = { "objectSid", NULL };
+ const char *attrs[] = { "objectSid", "isDeleted", NULL };
const char *noattrs[] = { NULL };
ldb = ldb_module_get_ctx(ac->module);
/* Finds out the SID/RID of the SAM object */
- ret = dsdb_module_search_dn(ac->module, ac, &res, ac->req->op.del.dn, attrs, DSDB_FLAG_NEXT_MODULE, ac->req);
+ ret = dsdb_module_search_dn(ac->module, ac, &res, ac->req->op.del.dn,
+ attrs,
+ DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_DELETED,
+ ac->req);
if (ret != LDB_SUCCESS) {
return ret;
}
+ if (ldb_msg_check_string_attribute(res->msgs[0], "isDeleted", "TRUE")) {
+ return LDB_SUCCESS;
+ }
+
sid = samdb_result_dom_sid(ac, res->msgs[0], "objectSid");
if (sid == NULL) {
/* No SID - it might not be a SAM object - therefore ok */
diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c
index 7dbf233..ebb214d 100644
--- a/source4/dsdb/samdb/ldb_modules/util.c
+++ b/source4/dsdb/samdb/ldb_modules/util.c
@@ -4,6 +4,7 @@
Copyright (C) Andrew Tridgell 2009
Copyright (C) Andrew Bartlett <abartlet at samba.org> 2009
+ Copyright (C) Matthieu Patou <mat at matws.net> 2011
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -308,7 +309,68 @@ int dsdb_module_guid_by_dn(struct ldb_module *module, struct ldb_dn *dn, struct
talloc_free(tmp_ctx);
return LDB_SUCCESS;
}
+/*
+ a ldb_extended request operating on modules below the
+ current module
+ */
+int dsdb_module_extended(struct ldb_module *module,
+ const char* oid, void* data,
+ uint32_t dsdb_flags,
+ struct ldb_request *parent)
+{
+ struct ldb_request *req;
+ int ret;
+ struct ldb_context *ldb = ldb_module_get_ctx(module);
+ TALLOC_CTX *tmp_ctx = talloc_new(module);
+ struct ldb_result *res;
+
+ res = talloc_zero(tmp_ctx, struct ldb_result);
+ if (!res) {
+ talloc_free(tmp_ctx);
+ return ldb_oom(ldb_module_get_ctx(module));
+ }
+
+ ret = ldb_build_extended_req(&req, ldb,
+ tmp_ctx,
+ oid,
+ data,
+ NULL,
+ res, ldb_extended_default_callback,
+ parent);
+
+ LDB_REQ_SET_LOCATION(req);
+ if (ret != LDB_SUCCESS) {
+ talloc_free(tmp_ctx);
+ return ret;
+ }
+
+ ret = dsdb_request_add_controls(req, dsdb_flags);
+ if (ret != LDB_SUCCESS) {
+ talloc_free(tmp_ctx);
+ return ret;
+ }
+ if (dsdb_flags & DSDB_FLAG_TRUSTED) {
+ ldb_req_mark_trusted(req);
+ }
+
+ /* Run the new request */
+ if (dsdb_flags & DSDB_FLAG_NEXT_MODULE) {
+ ret = ldb_next_request(module, req);
+ } else if (dsdb_flags & DSDB_FLAG_TOP_MODULE) {
+ ret = ldb_request(ldb_module_get_ctx(module), req);
+ } else {
+ const struct ldb_module_ops *ops = ldb_module_get_ops(module);
+ SMB_ASSERT(dsdb_flags & DSDB_FLAG_OWN_MODULE);
+ ret = ops->extended(module, req);
+ }
+ if (ret == LDB_SUCCESS) {
+ ret = ldb_wait(req->handle, LDB_WAIT_ALL);
+ }
+
+ talloc_free(tmp_ctx);
+ return ret;
+}
/*
a ldb_modify request operating on modules below the
current module
diff --git a/source4/dsdb/schema/schema.h b/source4/dsdb/schema/schema.h
index 5ba2254..7535179 100644
--- a/source4/dsdb/schema/schema.h
+++ b/source4/dsdb/schema/schema.h
@@ -143,6 +143,7 @@ struct dsdb_class {
const char *defaultSecurityDescriptor;
uint32_t schemaFlagsEx;
+ uint32_t systemFlags;
struct ldb_val msDs_Schema_Extensions;
--
Samba Shared Repository
More information about the samba-cvs
mailing list