summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-11-21 14:13:17 +0100
committerMichael Adam <obnox@samba.org>2012-11-30 17:17:20 +0100
commit42898590bb386a13b4f0d7b0294561a78df7e268 (patch)
tree28f3f2640f81aab50f0598be912b1c51b8ce12d6
parentf018772e0ca981857036078342456ef17858b966 (diff)
downloadsamba-42898590bb386a13b4f0d7b0294561a78df7e268.tar.gz
samba-42898590bb386a13b4f0d7b0294561a78df7e268.tar.bz2
samba-42898590bb386a13b4f0d7b0294561a78df7e268.zip
s4:dsdb/descriptor: make it clear that the SD Flags are ignored on add
See [MS-ADTS] 6.1.3.2 SD Flags Control: ... When performing an LDAP add operation, the client can supply an SD flags control with the operation; however, it will be ignored by the server. ... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
-rw-r--r--source4/dsdb/samdb/ldb_modules/descriptor.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index a764d69aaf..12186f2da2 100644
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -535,9 +535,15 @@ static int descriptor_add(struct ldb_module *module, struct ldb_request *req)
return ldb_operr(ldb);
}
+ /*
+ * The SD_FLAG control is ignored on add
+ * and we default to all bits set.
+ */
+ sd_flags = 0xF;
+
sd = get_new_descriptor(module, dn, req,
objectclass, parent_sd,
- user_sd, NULL, 0);
+ user_sd, NULL, sd_flags);
msg = ldb_msg_copy_shallow(req, req->op.add.message);
if (sd != NULL) {
if (sd_element != NULL) {