samldb and associated patches

[Matthias Dieter Wallnöfer]

Hi Andrew,

I've reworked the patchset:

    * Patches until 196e1dfcfece636054a224cc5bd2904704671530 should work
      without problems (cosmetics and some enhancements to the SAMLDB
      primary group detection)
    * Patches until aca7270d7fc478385a933c81c3b1cc5d14e8da79 should also
      work (makes the most of the rootDSE attributes dynamic - I had to
      leave "dsServiceName" static for now since otherwise s4 stops working)
    * The patches afterwards fixes the delete operation. I found out
      that beginning with DC functional level >= 2008_R2 we need to make
      use of the SHOW_RECYCLED and not SHOW_DELETED control to find
      always all entries. Since otherwise recycled objects aren't
      handled. These patches try to fix this - would be nice if you
      could take a look if my thoughts are right.

It would be nice if you could start applying at least some parts. But 
probably a "make test" is still useful.

Greets,
Matthias


Matthias Dieter Wallnöfer wrote:
> Andrew,
>
> Andrew Bartlett wrote:
>> On Sat, 2010-09-18 at 09:14 +0200, Matthias Dieter Wallnöfer wrote:
>>>> lookup without the...
>>>> http://gitweb.samba.org/samba.git/?p=mdw/samba.git;a=commitdiff;h=9f7826fcd38267e103181bbb54539eb73db13718 
>>>>
>>>>
>>>> This seems to do a unindexed search on dnsHostName.  We should avoid
>>>> unindexed searches in routines such as this - and I fear that soon
>>>> someone will request that likewise dnsHostName be made dynamic.  
>>>> Perhaps
>>>> instead search for our samAccountName based on the lp_netbios_name(),
>>>> and follow the serverReference link?
>>>>
>>> Well, so I could make "dNSHostName" dynamic just now. And I will use
>>> "sAMAccountName".
> This seems easier as it is. In fact the lp_ctx isn't always the one 
> from the server but could also be provided by the client (consider 
> "torture_netlogon" tests). And then we end in "NTDS settings container 
> not found" and failing tests.
>
> Matthias
>
>