summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2010-09-25 12:02:53 +0200
committerMatthias Dieter Wallnöfer <mdw@sn-devel-104.sn.samba.org>2010-10-03 15:23:18 +0000
commit4768280614b517049ab724026b6867fbee77c6e3 (patch)
tree31ae57c5edc192ef70494b80ea9cf3e8fb8f1164 /source4/dsdb/samdb
parent6c9b25ea5c1d61db2265ba1d8735ffc27a256f6b (diff)
downloadsamba-4768280614b517049ab724026b6867fbee77c6e3.tar.gz
samba-4768280614b517049ab724026b6867fbee77c6e3.tar.bz2
samba-4768280614b517049ab724026b6867fbee77c6e3.zip
s4:objectclass LDB module - fix the "crossRef" delete protection
This is what Windows does Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/objectclass.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 9ff20319b6..11d61af446 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -1423,11 +1423,17 @@ static int objectclass_do_delete(struct oc_context *ac)
dn = ldb_msg_find_attr_as_dn(ldb, ac, ac->search_res->message,
"nCName");
if ((ldb_dn_compare(dn, ldb_get_default_basedn(ldb)) == 0) ||
- (ldb_dn_compare(dn, ldb_get_config_basedn(ldb)) == 0) ||
- (ldb_dn_compare(dn, ldb_get_schema_basedn(ldb)) == 0)) {
+ (ldb_dn_compare(dn, ldb_get_config_basedn(ldb)) == 0)) {
talloc_free(dn);
- ldb_asprintf_errstring(ldb, "objectclass: Cannot delete %s, it's a crossRef object to the three main partitions!",
+ ldb_asprintf_errstring(ldb, "objectclass: Cannot delete %s, it's a crossRef object to the main or configuration partition!",
+ ldb_dn_get_linearized(ac->req->op.del.dn));
+ return LDB_ERR_NOT_ALLOWED_ON_NON_LEAF;
+ }
+ if (ldb_dn_compare(dn, ldb_get_schema_basedn(ldb)) == 0) {
+ talloc_free(dn);
+
+ ldb_asprintf_errstring(ldb, "objectclass: Cannot delete %s, it's a crossRef object to the schema partition!",
ldb_dn_get_linearized(ac->req->op.del.dn));
return LDB_ERR_UNWILLING_TO_PERFORM;
}