| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Avoid hardcoded IP-strings, use standard python IP functions to format
IPv4 and IPv6 addresses correctly.
I have removed the display of the port number.
MS-DNSP 2.2.3.2.2.1 DNS_ADDR: (from May 15, 2014)
Port Number (2bytes): Senders MUST set this to zero, and receivers MUST ignore
it.
Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit d5af53c5372866a33a0195cabbd64232ac53bad4)
|
|
DNS_ZONE_UPDATE_SECURE was used twice, DNS_ZONE_UPDATE_UNSECURE was missing.
Signed-off-by: Guenter Kukkukk <linux@kukkukk.com>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 4bda589c8e68cd66ca3b0ea9496cb1b11febcae6)
|
|
This fixes bug #10466
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Guenter Kukkukk <kukks@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Wed May 21 10:55:00 CEST 2014 on sn-devel-104
(cherry picked from commit 634f116fbb89d723a627f4501b4cd89342cecb8e)
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 5533d9c3db31ac86769288527ec20ad4e57f703c)
|
|
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 29 19:33:19 CEST 2014 on sn-devel-104
(cherry picked from commit 6d104182d9667e4f996439d24cfa052f34098ce4)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10742
samba-tool dns add 172.31.9.161 s4xdom.base . NS mydns.org. => NO_MEMORY
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Aug 7 18:54:28 CEST 2014 on sn-devel-104
|
|
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
Change-Id: I6f2f4169856ce78c62e3a7e74b48520cca9cb9ae
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 9bfbff65436a088fab5d564b6c0bb122a76492bc)
|
|
This also includes a test to ensure we do not regress on this point.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit f596dc94e1ab839f13e2a9edbcec774635b5c211)
|
|
When looking for incorrect name values, this improves the previous
code by avoiding one more manual parse step, and uses less cryptic
variable names.
Andrew Bartlett
Change-Id: Iff8e571a6359a67bf173f729dc12b8787292b3cb
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit 393348d11ed781d9f42049d5f996b0bab8b15d58)
|
|
With older Samba versions (4.0.x) the following could happen:
- On account was created on DC1
- It was replicated to DC2
- The connection between the dcs is offline
- The account gets modified on DC2
- The account gets deleted on DC1
- The connection becomes online again
- DC1 replicates the modification from DC2,
this resets the dn to the original value.
'name' and 'cn' are correct (with '\nDEL${GUID}'),
but 'dn' is wrong.
- DC2 replicates the deletion from DC1.
this doesn't include a changed dn as DC1
had a bug.
'name' is correct (with '\nDEL${GUID}'),
but 'cn' and 'dn' are wrong.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10536
Change-Id: Ia70a6c12e0ff0d4c2c8100cb1d8f3c6422b65591
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 709ed040ec161e99b3c1f7076eac4a631149f64a)
|
|
Change-Id: I282ad887c41412e25fdf73476e405f4e88e0b239
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 821d7dc7b33598f72c4518f8975073b058df5960)
|
|
In several cases we have seen objects without the objectClass attribute.
Here the suggestion for a patch to find such objects in "samba-tool dbcheck"
with the option to delete them.
(patch improved by Andrew Bartlett to suggest DRS re-replication)
Signed-off-by: Felix Botner <botner@univention.de>
Change-Id: I8eb0d191a2089271a9af5884d6bfbf173a5c85c6
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 5b1d6e722e254522165ec512537a2efa2b979e6f)
|
|
According to [MS-SAMR] 3.1.5.7 Delete Pattern we should not allow deletion
of security objects with RID < 1000. This patch will prevent deletion of
well-known accounts and groups.
Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date(master): Mon Oct 14 13:31:50 CEST 2013 on sn-devel-104
(cherry picked from commit 13a10d43141c29dad61868b451c0c1dca82360de)
|
|
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit f279a297a4a94c5cbc049c9b2cde14b02960a76f)
The last 4 patches address bug #10703 - backport provision fixes from master.
|
|
correct permissions
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit b27543aa729ca893270831d5c4fc74ea7ac6d407)
|
|
By doing the test later, there is an actual sam.ldb file that can be connected to.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
(cherry picked from commit a89060a0217f8740798d1dac4466222301a4d81b)
|
|
This new parameter offers the option to specify a default initial site name.
Otherwise it will be "Default-First-Site-Name".
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
(cherry picked from commit 4ca1d69d7daa8f4f92d44cd505aa0983f2ab56bf)
|
|
The sitename is already included in "names" parameter.
Part of fix for bug #10674
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
(cherry picked from commit 4ebd7250ef18811e58d812670e96e61836e4770b)
Conflicts:
python/samba/provision/__init__.py
python/samba/provision/sambadns.py
|
|
Due to insufficient input checking, the DNS server will reply to a packet that
has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed
sender address and have two servers DOS each other with circular replies.
This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
(cherry picked from commit 392ec4d241eb19c812cd49ff73bd32b2b09d8533)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Tue May 20 13:54:40 CEST 2014 on sn-devel-104
|
|
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
(cherry picked from commit ca8acb681a1ccaddf85376ff30c9b13b1a4c943d)
|
|
Add another check to the one added for bug #10471, for added paranoia
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue Mar 4 15:47:10 CET 2014 on sn-devel-104
(cherry picked from commit 5bd47bb563c3736b9de1a3a93bdf46a498928643)
|
|
DNS queries for records with the wrong type need to trigger an empty
response with RCODE_OK instead of returning NXDOMAIN.
This adds a test and fixes bug #10471
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit d9829df13317b38677d92a499134727ab31fbb0e)
|
|
group.
Fix posix_acl tests to match the change in writing ACLs
with ID_TYPE_BOTH.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit a1bc1c32e33508c45e614646d69a5f5d67ba22be)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Thu Nov 14 11:36:24 CET 2013 on sn-devel-104
|
|
samba: tag release samba-4.1.1
|
|
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Oct 25 00:39:21 CEST 2013 on sn-devel-104
(cherry picked from commit d3aee80928dc7ccde9441309bf946c2503f7714a)
Part of a fix for bug # 9091 - When replicating DNS for bind9_dlz we need to
create the server-DNS account remotely.
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Wed Nov 6 14:28:14 CET 2013 on sn-devel-104
|
|
This is the final part of the fix for the issue in Samba 4.1
pre-release tree where we would wrongly delete the Deleted Objects
container during a join.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Sep 24 09:31:37 CEST 2013 on sn-devel-104
(cherry picked from commit f4ff81f5797c5dd8f562aec2cfec789272e739fd)
The last 19 patches address bug #10157 - Regression causes replication failure
with Windows 2008R2 and deletes Deleted Objects.
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit bcd535e95c5e8f83f6b30264ab1f0de3c6ac2cda)
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 9e1dde15f9d3a374747d163e37016b54f008bd9f)
|
|
This ensures (and asserts) that we never write an all-zero GUID as an invocationID
to the database in replPropertyMetaData.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit a623359fb8a54083b81436d14b7ba022c11efb18)
|
|
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9461
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Sep 23 12:00:24 CEST 2013 on sn-devel-104
(cherry picked from commit 8d8872ae0a19786452c3be044757b16814b82be8)
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Wed Sep 25 10:47:35 CEST 2013 on sn-devel-104
|
|
This will ensure that the DLZ plugin works out of the box when joining a second Samba DC to the
domain.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit b106d9090e8f8f44f02059d2ced3d10066787060)
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Fri Aug 30 17:33:58 CEST 2013 on sn-devel-104
(cherry picked from commit 3430448fc01ce3fbe0606a2c239d3c98a5b78361)
The last 3 patches address bug #10030 - ::1 added to nameserver on join.
Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-1-test): Mon Sep 2 11:50:45 CEST 2013 on sn-devel-104
|
|
all_interfaces is given
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10030
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Bjoern Jacke <bj@sernet.de>
(cherry picked from commit 0e6aca40413fb3cfd4300f282204a69743be4a65)
|
|
The previous pattern never matched, as it was a typo.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 30 12:55:00 CEST 2013 on sn-devel-104
(cherry picked from commit 7615b2549d9549683978cb3e85b926e2ba63e294)
The last 4 patches address bug #9029 - Replication with --domain-crictical-only
fails to fill in backlinks.
|
|
Tested against Windows 2008R2, presumably before the KCC ran.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Simo Sorce <idra@samba.org>
Autobuild-Date(master): Tue Jun 11 16:25:54 CEST 2013 on sn-devel-104
|
|
If an update leaves the dnsNode without any entries, the dnsNode object
should be deleted. Thanks to Günter Kukkukk for his excellent debugging
work on this one.
This should fix bug #9559
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Windows DC ignores the secure update flag while creating new zone. Windows
performs another operation to set the secure update flag.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
|
|
Windows DCs require additional flags to be set when creating zones.
This fixes bug #9599.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
|
|
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
|
|
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue May 28 08:47:56 CEST 2013 on sn-devel-104
|
|
users/groups/members
This should make things a bit faster when importing very large numbers of users
as we will not constantly rewrite the indicies on disk.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
the literal value
This is better practice.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
end in $
These accounts will not work anyway, as all the domain member lookup code in netlogon expects the $.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>
Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Thu May 16 15:39:15 CEST 2013 on sn-devel-104
|
|
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>
|
|
Due to an oversight, the internal DNS server supports MX record updates,
but not MX record queries. Add support for MX queries and tests.
This should fix bug #9485
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-By: Amitay Isaacs <amitay@gmail.com>
|
|
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
|
