summaryrefslogtreecommitdiff
path: root/source4/dsdb/repl
Commit message (Collapse)AuthorAgeFilesLines
...
* dlist: remove unneeded type argument from DLIST_ADD_END()Michael Adam2016-02-064-5/+5
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* Avoid including libds/common/roles.h in public loadparm.h header.Jelmer Vernooij2016-01-131-0/+1
| | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-By: Andrew Bartlett <abartlet@samba.org> Reviewed-By: Stefan Metzmacher <metze@samba.org>
* repl: Skip new subdomains and partitions when replicatingAndrew Bartlett2015-12-241-6/+43
| | | | | | | | | | These will need to be handled later, but probably via reading the cross-ref objects. This avoids total failure when cloning a DC that has subdomains. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* repl: Give an error if we get a secret when not expecting oneAndrew Bartlett2015-10-262-3/+23
| | | | | | | | | We should never get a secret from a server when we specify DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING This asserts that this is the case. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* dsdb: Fix a confusing parameterVolker Lendecke2015-09-081-1/+1
| | | | | | | | | LDB_SCOPE_BASE is 0, so this works, but the corresponding parameter is "struct ldb_control **controls", so I'd say NULL is more appropriate here. Fixes a warning I just saw pass by. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* dsdb-repl: Always set DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING when we are an RODCAndrew Bartlett2015-03-161-0/+3
| | | | | | | | | | | | Unless we are using DRSUAPI_EXOP_REPL_SECRET, always remove DRSUAPI_DRS_WRIT_REP and always set DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING Otherwise, we will not work as an RODC, because replication will fail with access denied errors. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* Fix the developer O3 buildVolker Lendecke2015-02-251-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Wed Feb 25 16:32:29 CET 2015 on sn-devel-104
* repl: Specify the target realm in dreplsrv_get_target_principal()Andrew Bartlett2014-09-301-2/+2
| | | | | | | | | | | | | We know what realm we need to contact, so avoid trying to correctly get a referral from our KDC. Andrew Bartlett Change-Id: I154ff72f3176d581b64e0c67d4a9c5f1f76b7924 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Sep 30 14:58:50 CEST 2014 on sn-devel-104
* Order switch statementsSamuel Cabrero2014-07-071-10/+10
| | | | | | | | | Signed-off-by: Samuel Cabrero <scabrero@zentyal.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Jul 7 07:47:44 CEST 2014 on sn-devel-104
* idl:drsuapi: Manage all possible lengths of drsuapi_DsBindInfoSamuel Cabrero2014-07-071-1/+26
| | | | | | | Signed-off-by: Samuel Cabrero <scabrero@zentyal.com> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
* dsdb: Do not store a struct ldb_dn in struct schema_dataAndrew Bartlett2014-06-111-15/+20
| | | | | | | | | | | | The issue is that the DN contains a pointer to the ldb it belongs to, and if this is not kept around long enough, we might reference memory after it is de-allocated. Andrew Bartlett Change-Id: I040a6c37a3164b3309f370e32e598dd56b1a1bbb Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* Use GUID_equal in a few placesVolker Lendecke2014-06-103-7/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* dsdb: Do not update notify_uSN until the transaction is genuinely committed ↵Andrew Bartlett2014-03-271-7/+7
| | | | | | | | to the DB Signed-off-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I734bc75ed348de8f0a5ff92e18e08de2340b8951 Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:dsdb/repl: make use of dcerpc_binding_handle_is_connected()Stefan Metzmacher2014-03-251-7/+10
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Remove a number of NT_STATUS_HAVE_NO_MEMORY_AND_FREE macros from the codebase.Garming Sam2014-03-051-4/+16
| | | | | | | | | | | Following the current coding guidelines, it is considered bad practice to return from within a macro and change control flow as they look like normal function calls. Change-Id: I133eb5a699757ae57b87d3bd3ebbcf5b556b0268 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s4:dsdb/repl: make use of dcerpc_binding_get_string_option("host")Stefan Metzmacher2014-02-131-4/+11
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:dsdb/repl: make dreplsrv_get_target_principal() staticStefan Metzmacher2014-02-131-5/+6
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s4:dsdb/repl: make use of dcerpc_binding_set_string_option("target_principal")Stefan Metzmacher2014-02-131-1/+9
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* dsdb: Refuse to replicate an all-zero invocationID GUID in replPropertyMetaDataAndrew Bartlett2013-09-221-0/+9
| | | | | | | | | | This matches Windows 2008R2. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* dsdb: Add assert in drepl_take_FSMO_roleAndrew Bartlett2013-07-241-4/+3
| | | | | | | Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* dsdb: Allow dsdb_find_dn_by_guid to show deleted DNsAndrew Bartlett2013-06-121-1/+1
| | | | | | | | | This helps us in the KCC as we need to return the deleted DN for the GUID in DsReplicaGetInfo calls (tested for deleted servers against Windows 2008R2). Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb: use the correct talloc parent in dsdb_repl_merge_working_schema()Stefan Metzmacher2013-06-111-2/+2
| | | | | | | schema->{classes,attributes} are the DLIST pointer not an array. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-repl: merge the logic from libnet_vampire_cb_apply_schema()Stefan Metzmacher2013-05-231-6/+113
| | | | | | | | | | | This way libnet_vampire_cb_apply_schema() is able to use dsdb_repl_resolve_working_schema(). Pair-Programmed-With: Matthieu Patou <mat@matws.net> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-repl: split out dsdb_repl_resolve_working_schemaStefan Metzmacher2013-05-231-53/+94
| | | | | | | | | | This can be reused later in other places. Pair-Programmed-With: Matthieu Patou <mat@matws.net> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-drs: when replicating schema object checks ask for removal of previous ↵Matthieu Patou2013-05-231-3/+4
| | | | | | | | | version if exists (bug #8680) Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-repl: Allow the name attribute (and name-based schema lookups) to be ↵Andrew Bartlett2013-05-161-12/+19
| | | | | | | | | | skipped in dsdb_repl_make_working_schema() This allows us to use a schema that may only be valid for attributeID based lookups, during the schema load. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb-drepl: create a new schedulable event for running pending operationsMatthieu Patou2013-05-153-1/+79
| | | | | | | | | | | So instead of running dreplsrv_periodic_schedule when receiving a DRS_REPLICA_SYNC request which will force the DC to look for changes with all the DC it usually replicate to, we reduce it to the DC specified in the DRS_REPLICA_SYNC request. It will allow also to do have the correct options as set by the client who send the DRS_REPLICA_SYNC. Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dsdb-repl: make message more clearerMatthieu Patou2013-02-081-2/+2
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb-repl: do not ask to add ref when doing getncchange for an exopMatthieu Patou2013-02-081-0/+7
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* drepl-notify: change misleading messageMatthieu Patou2013-01-221-1/+1
| | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* drs-fsmo: Improve handling of FSMO role takeover.Andrew Bartlett2013-01-171-3/+2
| | | | | | | | This needs to be more async, and give less scary errors. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:dsdb/drepl: update the source_dsa_obj/invocation_id in repsFromStefan Metzmacher2013-01-011-0/+4
| | | | | | | The highwatermark is relative to the source_dsa_invocation_id. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4-repl: make dreplsrv_partition_find_for_nc return BAD_NC onlyMatthieu Patou2012-10-071-2/+7
|
* s4:dsdb/repl: fix the usage of 'GC/' prefixed principal namesStefan Metzmacher2012-08-141-21/+6
| | | | | | | | | | | | | | | | The "serverReference" attribute is available on the "server" object not on the "nTDSA" object. This allows connections to RODCs, as they don't have a E3514235-4B06-11D1-AB04-00C04FC2DCD2/${NTDSGUID}/${DNSDOMAIN} principal. Pair-Programmed-With: Björn Baumbach <bb@sernet.de> metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Aug 14 18:57:41 CEST 2012 on sn-devel-104
* s4-dsdb: Use samdb_dn_is_our_ntdsa()Andrew Bartlett2012-08-142-19/+24
| | | | | | | This uses a GUID based comparison, and avoids re-fetching the samdb_ntds_settings_dn each time. Andrew Bartlett
* s4:dsdb/repl: ldb_errstring() takes a 'struct ldb_context' not 'int'Stefan Metzmacher2012-08-141-1/+2
| | | | | | | metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Aug 14 13:58:31 CEST 2012 on sn-devel-104
* s4:dsdb/repl: make sure instanceType_e is not changed by a reallocationStefan Metzmacher2012-08-141-1/+11
| | | | | | Pair-Programmed-With: Björn Baumbach <bb@sernet.de> metze
* s4:dsdb/repl: avoid reallocation of msg->elementsStefan Metzmacher2012-08-141-1/+1
| | | | | | | | | | The index into the elements needs to match between msg->elements and md->ctr.ctr1.array, which means we should pre-allocate them with the same size. Pair-Programmed-With: Björn Baumbach <bb@sernet.de> metze
* s4-dsdb: Add mem_ctx argument to samdb_ntds_settings_dnAndrew Bartlett2012-08-143-4/+10
| | | | | | | | | | | | | | As this value is calculated new each time, we need to give it a context to live on. If the value is the forced value during provision, a reference is taken. This was responsible for the memory leak in the replication process. In the example I was given, this DN appeared in memory 13596 times! Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 14 10:05:14 CEST 2012 on sn-devel-104
* s4-dsdb: Take more care in handling of global schema memoryAndrew Bartlett2012-08-111-27/+61
| | | | | | | | | | | | | | | This reworks dsdb_replicated_objects_commit() to have a proper local tmp_ctx and to be more careful about what schema is set (only setting a global schema if the original schema was global). In particular, the new working_schema is not given a talloc reference to the old schema. This ensures that the old schema can go away when no longer used. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Aug 11 10:31:57 CEST 2012 on sn-devel-104
* s4:dsdb:replicated_objects: do not move 'instanceType' to the end of ↵Stefan Metzmacher2012-08-031-1/+22
| | | | | | | | | msg->elements on RODC replication It's very important that the order of msg->elements and md->ctr.ctr1.array is the same. metze
* s4-repl: Use ldb_dn_new() to create the rootDSE DNAndrew Bartlett2012-07-291-1/+5
| | | | | | Based on a patch proposal by Matthieu Patou <mat@matws.net>. Andrew Bartlett
* s4-repl: Use NULL for pointer test when checking for ldb_msg_new() failureAndrew Bartlett2012-07-291-1/+1
|
* s4-dsdb: Ensure we never write read-only objects onto a read-write replicaAndrew Bartlett2012-07-181-1/+8
| | | | | | | | | | We should prevent this much further up the stack, but at least add a choke at this point for now. Additionally, this avoids administrator-forced replications causing considerable damange to the directory. Andrew Bartlett
* s4-dsdb: Use parent_object_guid to find the correct parent for new objectsAndrew Bartlett2012-07-061-0/+11
| | | | | | | | This allows the parent to be renmaed while a new object is added on another replica. This rename may also be a delete, in which case we must move it to lostandfound. Andrew Bartlett
* s4-drepl: Ensure that the op->source does not get deallocated too earlyAndrew Bartlett2012-06-242-9/+25
| | | | | | | | | | | We need to have the struct dreplsrv_partition_source_dsa around until the end of the async op, so we use talloc_reference after carefully checking the callers and making the modifications required. This prevents a crash when replicating partitions in the vampire_dc test after adding DNS replication at join time. Andrew Bartlett
* s4-drs: if schema has changed during replication notify other process that ↵Matthieu Patou2012-06-221-0/+55
| | | | they have to reload the schema
* lib/param: Create a seperate server role for "active directory domain ↵Andrew Bartlett2012-06-151-1/+1
| | | | | | | | | | | | | | | controller" This will allow us to detect from the smb.conf if this is a Samba4 AD DC which will allow smarter handling of (for example) accidentially starting smbd rather than samba. To cope with upgrades from existing Samba4 installs, 'domain controller' is a synonym of 'active directory domain controller' and new parameters 'classic primary domain controller' and 'classic backup domain controller' are added. Andrew Bartlett
* s4-dsdb: Fix the case for attribute name msDS-hasMasterNCsAmitay Isaacs2012-03-141-1/+1
| | | | | Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Wed Mar 14 11:59:02 CET 2012 on sn-devel-104
* Revert "s4-drs: do not try to contact for replication servers that are not ↵Andrew Tridgell2012-02-011-38/+4
| | | | | | | | | | | | | | | | | anymore in reps*" This reverts commit 5bfd6251eb22ff701184a95649822a73cf4d157b. This change has been causing regular segfaults in the build farm since it was applied. I also think it may be unnecessary as dreplsrv_refresh_partitions() should already be achieving the same thing (removing stale replication targets). I think the segfaults were caused by freeing an in-flight DSA, but I have been unable to reproduce it outside of the build farm Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Feb 1 07:49:42 CET 2012 on sn-devel-104
View Lorry Controller Status