diff options
author | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-10-26 12:08:02 +0200 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-10-26 18:12:00 +0000 |
commit | 802e3b4e1f2e0fdc7fc11ed7881dade261bfa34a (patch) | |
tree | d940e6a15e1b9e5613cc1d125b40a9ea809d5c47 | |
parent | a839422fc57762ea3366afbe58b018cf11bfffd7 (diff) | |
download | samba-802e3b4e1f2e0fdc7fc11ed7881dade261bfa34a.tar.gz samba-802e3b4e1f2e0fdc7fc11ed7881dade261bfa34a.tar.bz2 samba-802e3b4e1f2e0fdc7fc11ed7881dade261bfa34a.zip |
s4:samldb LDB module - enhance the "member"-check trigger
- Also multi-valued "member" attributes are allowed
- When you try to delete a member from a group which has it primary group set
exactly to this group you get "UNWILLING_TO_PERFORM"
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 26022b7e3c..924c05e254 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -1158,7 +1158,12 @@ static int samldb_member_check(struct samldb_ctx *ac) } if (ldb_dn_compare(group_dn, ac->msg->dn) == 0) { - return LDB_ERR_ENTRY_ALREADY_EXISTS; + if (LDB_FLAG_MOD_TYPE(el->flags) + == LDB_FLAG_MOD_DELETE) { + return LDB_ERR_UNWILLING_TO_PERFORM; + } else { + return LDB_ERR_ENTRY_ALREADY_EXISTS; + } } } @@ -1463,8 +1468,7 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req) } el = ldb_msg_find_element(ac->msg, "member"); - if (el && el->flags & (LDB_FLAG_MOD_ADD|LDB_FLAG_MOD_REPLACE) - && el->num_values == 1) { + if (el != NULL) { ret = samldb_member_check(ac); if (ret != LDB_SUCCESS) { return ret; |