summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-12-11 02:01:12 +0100
committerMichael Adam <obnox@samba.org>2012-12-11 04:50:50 +0100
commita97b5f219678e409a851d9caf8317a6ef130c12f (patch)
tree13b5a962b0ac530db653ff48470dce59bad9e889
parentd20c46a520a7e39dd87476cd81edab56b5543892 (diff)
downloadsamba-a97b5f219678e409a851d9caf8317a6ef130c12f.tar.gz
samba-a97b5f219678e409a851d9caf8317a6ef130c12f.tar.bz2
samba-a97b5f219678e409a851d9caf8317a6ef130c12f.zip
s4:dsdb/descriptor: pass object_list to create_security_descriptor()
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
-rw-r--r--source4/dsdb/samdb/ldb_modules/descriptor.c15
1 files changed, 13 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index 192c745e25..fb100f7628 100644
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -249,9 +249,15 @@ static DATA_BLOB *get_new_descriptor(struct ldb_module *module,
struct dom_sid *default_owner;
struct dom_sid *default_group;
struct security_descriptor *default_descriptor = NULL;
+ struct GUID *object_list = NULL;
if (objectclass != NULL) {
default_descriptor = get_sd_unpacked(module, mem_ctx, objectclass);
+ object_list = talloc_zero_array(mem_ctx, struct GUID, 2);
+ if (object_list == NULL) {
+ return NULL;
+ }
+ object_list[0] = objectclass->schemaIDGUID;
}
if (object) {
@@ -370,8 +376,13 @@ static DATA_BLOB *get_new_descriptor(struct ldb_module *module,
default_owner = get_default_ag(mem_ctx, dn,
session_info->security_token, ldb);
default_group = get_default_group(mem_ctx, ldb, default_owner);
- new_sd = create_security_descriptor(mem_ctx, parent_descriptor, user_descriptor, true,
- NULL, SEC_DACL_AUTO_INHERIT|SEC_SACL_AUTO_INHERIT,
+ new_sd = create_security_descriptor(mem_ctx,
+ parent_descriptor,
+ user_descriptor,
+ true,
+ object_list,
+ SEC_DACL_AUTO_INHERIT |
+ SEC_SACL_AUTO_INHERIT,
session_info->security_token,
default_owner, default_group,
map_generic_rights_ds);