summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2010-08-17 12:06:24 +1000
committerAndrew Tridgell <tridge@samba.org>2010-08-17 21:21:50 +1000
commitf6e0b151a32a2fa450ded3af2fd87d9767cd4540 (patch)
treeb9f7294c26dde497ce13cb81c0ba593f110e6b2e /source4/dsdb/samdb/ldb_modules
parent0caf347098913e9d224d1db4b48887e2b78bae03 (diff)
downloadsamba-f6e0b151a32a2fa450ded3af2fd87d9767cd4540.tar.gz
samba-f6e0b151a32a2fa450ded3af2fd87d9767cd4540.tar.bz2
samba-f6e0b151a32a2fa450ded3af2fd87d9767cd4540.zip
s4-dsdb: set LDB_FLAG_INTERNAL_DISABLE_VALIDATION for msDS-SecondaryKrbTgtNumber
msDS-SecondaryKrbTgtNumber is setup with a value that is outside the range allowed by the schema (the schema has rangeLower==rangeUpper==65536). We need to mark this element as being internally generated to avoid the range checks Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules')
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 2b46867b1a..ac8dff938e 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -373,6 +373,7 @@ static int samldb_rodc_add(struct samldb_ctx *ac)
{
struct ldb_context *ldb = ldb_module_get_ctx(ac->module);
unsigned krbtgt_number, i_start, i;
+ int ret;
/* find a unused msDC-SecondaryKrbTgtNumber */
i_start = generate_random() & 0xFFFF;
@@ -399,7 +400,13 @@ static int samldb_rodc_add(struct samldb_ctx *ac)
return LDB_ERR_OTHER;
found:
- if (ldb_msg_add_fmt(ac->msg, "msDS-SecondaryKrbTgtNumber", "%u", krbtgt_number) != LDB_SUCCESS) {
+ ret = ldb_msg_add_empty(ac->msg, "msDS-SecondaryKrbTgtNumber", LDB_FLAG_INTERNAL_DISABLE_VALIDATION, NULL);
+ if (ret != LDB_SUCCESS) {
+ return ldb_operr(ldb);
+ }
+
+ ret = ldb_msg_add_fmt(ac->msg, "msDS-SecondaryKrbTgtNumber", "%u", krbtgt_number);
+ if (ret != LDB_SUCCESS) {
return ldb_operr(ldb);
}