summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-13 12:37:41 +0200
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-17 12:40:33 +0200
commit0c202e403f72ccb1c7081197e83094498fa390b0 (patch)
treefa2464fefbab77a3e7b53150348a377d3b1ebbf0 /source4/dsdb/samdb/ldb_modules
parentbfb3eaabe7f716ade5821b6bc1e176171600e2a8 (diff)
downloadsamba-0c202e403f72ccb1c7081197e83094498fa390b0.tar.gz
samba-0c202e403f72ccb1c7081197e83094498fa390b0.tar.bz2
samba-0c202e403f72ccb1c7081197e83094498fa390b0.zip
s4/domain behaviour flags: Fix them up in various locations
Additional notes: - Bump the level to Windows Server 2008 R2 (we should support always the latest version - if we provision ourself) - In "descriptor.c" the check for the "domainFunctionality" level shouldn't be needed: ACL owner groups (not owner user) are supported since Windows 2000 Server (first AD edition) - I took the argument from: http://support.microsoft.com/kb/329194
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules')
-rw-r--r--source4/dsdb/samdb/ldb_modules/descriptor.c10
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c3
2 files changed, 3 insertions, 10 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index a22cce76a1..2a72d32ddf 100644
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -134,15 +134,7 @@ static struct dom_sid *get_default_group(TALLOC_CTX *mem_ctx,
struct ldb_context *ldb,
struct dom_sid *dag)
{
- int *domainFunctionality;
-
- domainFunctionality = talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int);
-
- if (*domainFunctionality && (*domainFunctionality >= DS_BEHAVIOR_WIN2008)){
- return dag;
- }
-
- return NULL;
+ return dag;
}
static DATA_BLOB *get_new_descriptor(struct ldb_module *module,
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index c7fa636aa8..a04e52469d 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1068,7 +1068,8 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
/* Per MS-SAMR 3.1.1.8.11.6 we create AES keys if our domain functionality level is 2008 or higher */
domainFunctionality = talloc_get_type(ldb_get_opaque(ldb, "domainFunctionality"), int);
- do_newer_keys = *domainFunctionality && (*domainFunctionality >= DS_BEHAVIOR_WIN2008);
+ do_newer_keys = *domainFunctionality &&
+ (*domainFunctionality >= DS_DOMAIN_FUNCTION_2008);
if (io->domain->store_cleartext &&
(io->u.user_account_control & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED)) {