| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
get_binary_integer() is still a method on BinaryDn, but not on
StringDn and PlainDn where it makes no sense.
x.get_bytes() is merely an alias for x.binary.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
dsdb_Dn() was a catchall for DN+Binary, DN+String, and plain DNs which
needed to be sorted in a particular way. This meant it treated none of
them exactly right.
For example, a binary dsdb_Dn would be compared on the string
representation of the binary portion, so 'B:2:ff:CN=foo' would not
equal 'B:2:FF:CN=foo', when it should.
It meant a field that expected a binary dsdb_DN would also accept a
plain DN or a string DN, which is never actually allowed.
Also the parsing was a bit dodgy, so a string like 'B:6:ff:CN=foo'
would be accepted, when the length of the binary portion ("ff") is
obviously different from that given ("6").
Here we solve many of the problems by making stricter subclasses but
leaving a compatibility shim in place so that existing code continues
to work.
There is one INCOMPATIBLE change. Previously the `.binary` attribute
of a dsdb_Dn was the hex-string, while now it is the actual binary
data. In the case of StringDn, this means the utf-8 bytes.
This affects dbcheck, which is fixed here (the .prefix assignment now
correctly sets .binary).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15854
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Björn Baumbach <bb@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Mon Jun 16 22:22:27 UTC 2025 on atb-devel-224
|
|
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15852
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15852
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15852
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Removes all supplemental groups from a user, what is commonly
wanted when a user is disabled.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jule Anger <janger@samba.org>
Autobuild-User(master): Björn Baumbach <bb@sernet.de>
Autobuild-Date(master): Thu Jan 23 19:51:05 UTC 2025 on atb-devel-224
|
|
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
Otherwise the removal of groupmembers by SID fails silently, because the
DN does not match the the DN in group member list.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
filter() is a Python built-in function to filter iterables.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jule Anger <janger@samba.org>
|
|
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Getting the right samdb is going to matter more, so it is useful for
debugging to see which is which.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This is following the same design as other similar properties like samdb.domain_sid, only it doesn't need a setter.
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
The fact that get_wellknown_dn() returned a cached DN that could
not be modified safely was unexpected, particularly given that
other similar routines did not do that.
The use case given at the time this was written by
Matthieu Patou in 6122acad0f1a7bc23b6f58862c16968e13da979d
was dbcheck, so move the cache there, and name it clearly.
dbcheck is the only case that uses this rotuine in an inner
loop.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
|
|
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun 23 14:51:14 UTC 2023 on atb-devel-224
|
|
The wrong string is the wrong value but the right type.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Feb 23 23:33:46 UTC 2023 on atb-devel-224
|
|
If newuser() or newcomputer() create an account over LDAP, and an
attempt to modify it (e.g. to change the password) fails, ensure that we
properly clean up the account. If we are connected over LDAP, we won't
have transactions to clean things up for us.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue May 10 06:12:10 UTC 2022 on sn-devel-184
|
|
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9143
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9143
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9143
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Previously, if either of the rIDPreviousAllocation and rIDNextRID
attributes were not present in a RID Set, the first RID in
rIDAllocationPool was skipped over when determining their values.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
database
If used to generate SIDs for objects, care should be taken, as the
possibility for having duplicate objectSIDs can arise.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14669
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
dsdb._dsdb_garbage_collect_tombstones isn't
built without the addc, so ignore calls to it
in samdb.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
--hide-expired Do not list expired user accounts
--hide-disabled Do not list disabled user accounts
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
|
|
Can be used to unlock a user when the badPwdCount has been reached.
Introduces SamDB error classes, as suggested by
Douglas Bagnall <douglas.bagnall@catalyst.net.nz> - thanks!
This helps to handle expected failures.
Tracebacks of really unexpected failures will not be hidden.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
The remaining compat code (get_string, get_bytes,
cmp) are useful helper routines which we should
simply merge into common (especially since there
is some duplication here).
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): David Mulder <dmulder@samba.org>
Autobuild-Date(master): Fri Oct 2 14:49:36 UTC 2020 on sn-devel-184
|
|
The import dsdb needed for dsdb_Dn causes import
errors when trying to import get_bytes/get_string
in some places.
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Add a method to construct the fullname, using the given name, the initials
and the surname.
If one of this values is empty, try to use the old one, given by an
attributs set.
If the combination is empty, the method will return the fallback-default
parameter.
Use this method to construct the CN or the displayName of users or
contacts.
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Add a method to prepare a given Message to replace the given attribute.
If the given new value is None or the old value and the new value are
the same, do nothing.
If the new value is empty, prepare to replace the given attribute with
[].
Else prepare to replace the given attribute with the new value.
Use this for samdb.modify(msg).
Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Björn Baumbach <bb@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
|
|
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Noel Power <npower@samba.org>
|
|
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
The --member-dn option allows to specify an object by it's DN.
This is required to select a specific object if there are more than one
with the same name. Multiple contacts can exist with the same name in
different OUs.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
|
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
|
