summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2010-09-15 14:13:18 +0200
committerAndrew Bartlett <abartlet@samba.org>2010-09-24 09:25:42 +1000
commitf46c6233e75509736f0c2a1c376ccab5c0f22fd2 (patch)
treebcfa1e239fc48d1f0f19c1b0d7469f3695fc4a5d
parent72bb8c3fb37096ebb3c9bcc23032769c395997f4 (diff)
downloadsamba-f46c6233e75509736f0c2a1c376ccab5c0f22fd2.tar.gz
samba-f46c6233e75509736f0c2a1c376ccab5c0f22fd2.tar.bz2
samba-f46c6233e75509736f0c2a1c376ccab5c0f22fd2.zip
s4:samldb LDB module - support the "userAccountControl" -> "primaryGroupID" detection also on modify operations
Also requested by MS-SAMR 3.1.1.8.1. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c27
1 files changed, 11 insertions, 16 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index dca6ece9ee..d23031522d 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -1231,24 +1231,19 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req)
}
el2 = ldb_msg_find_element(msg, "isCriticalSystemObject");
el2->flags = LDB_FLAG_MOD_REPLACE;
+ }
+
+ if (!ldb_msg_find_element(msg, "primaryGroupID")) {
+ uint32_t rid = ds_uf2prim_group_rid(user_account_control);
- /* DCs have primaryGroupID of DOMAIN_RID_DCS */
- if (!ldb_msg_find_element(msg, "primaryGroupID")) {
- uint32_t rid;
- if (user_account_control & UF_SERVER_TRUST_ACCOUNT) {
- rid = DOMAIN_RID_DCS;
- } else {
- /* read-only DC */
- rid = DOMAIN_RID_READONLY_DCS;
- }
- ret = samdb_msg_add_uint(ldb, msg, msg,
- "primaryGroupID", rid);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
- el2 = ldb_msg_find_element(msg, "primaryGroupID");
- el2->flags = LDB_FLAG_MOD_REPLACE;
+ ret = samdb_msg_add_uint(ldb, msg, msg,
+ "primaryGroupID", rid);
+ if (ret != LDB_SUCCESS) {
+ return ret;
}
+ el2 = ldb_msg_find_element(msg,
+ "primaryGroupID");
+ el2->flags = LDB_FLAG_MOD_REPLACE;
}
}
if (el && (LDB_FLAG_MOD_TYPE(el->flags) == LDB_FLAG_MOD_DELETE)) {