diff options
author | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-09-15 14:13:18 +0200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-09-24 09:25:42 +1000 |
commit | f46c6233e75509736f0c2a1c376ccab5c0f22fd2 (patch) | |
tree | bcfa1e239fc48d1f0f19c1b0d7469f3695fc4a5d | |
parent | 72bb8c3fb37096ebb3c9bcc23032769c395997f4 (diff) | |
download | samba-f46c6233e75509736f0c2a1c376ccab5c0f22fd2.tar.gz samba-f46c6233e75509736f0c2a1c376ccab5c0f22fd2.tar.bz2 samba-f46c6233e75509736f0c2a1c376ccab5c0f22fd2.zip |
s4:samldb LDB module - support the "userAccountControl" -> "primaryGroupID" detection also on modify operations
Also requested by MS-SAMR 3.1.1.8.1.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 27 |
1 files changed, 11 insertions, 16 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index dca6ece9ee..d23031522d 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -1231,24 +1231,19 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req) } el2 = ldb_msg_find_element(msg, "isCriticalSystemObject"); el2->flags = LDB_FLAG_MOD_REPLACE; + } + + if (!ldb_msg_find_element(msg, "primaryGroupID")) { + uint32_t rid = ds_uf2prim_group_rid(user_account_control); - /* DCs have primaryGroupID of DOMAIN_RID_DCS */ - if (!ldb_msg_find_element(msg, "primaryGroupID")) { - uint32_t rid; - if (user_account_control & UF_SERVER_TRUST_ACCOUNT) { - rid = DOMAIN_RID_DCS; - } else { - /* read-only DC */ - rid = DOMAIN_RID_READONLY_DCS; - } - ret = samdb_msg_add_uint(ldb, msg, msg, - "primaryGroupID", rid); - if (ret != LDB_SUCCESS) { - return ret; - } - el2 = ldb_msg_find_element(msg, "primaryGroupID"); - el2->flags = LDB_FLAG_MOD_REPLACE; + ret = samdb_msg_add_uint(ldb, msg, msg, + "primaryGroupID", rid); + if (ret != LDB_SUCCESS) { + return ret; } + el2 = ldb_msg_find_element(msg, + "primaryGroupID"); + el2->flags = LDB_FLAG_MOD_REPLACE; } } if (el && (LDB_FLAG_MOD_TYPE(el->flags) == LDB_FLAG_MOD_DELETE)) { |