summaryrefslogtreecommitdiff
path: root/source4/dsdb
diff options
context:
space:
mode:
authorMatthieu Patou <mat@matws.net>2011-06-05 00:42:35 +0400
committerAndrew Tridgell <tridge@samba.org>2011-07-21 11:44:34 +1000
commit6362c9c30d213381c5b51783d4842bf83de5074b (patch)
tree0a821ab47129374ffd4dd7676059ff6d6ac42a1a /source4/dsdb
parent76b165778d6632a011fa96688c29167ee5e20921 (diff)
downloadsamba-6362c9c30d213381c5b51783d4842bf83de5074b.tar.gz
samba-6362c9c30d213381c5b51783d4842bf83de5074b.tar.bz2
samba-6362c9c30d213381c5b51783d4842bf83de5074b.zip
s4-dsdb: check group membership only for non deleted objects
Group membership has been already removed on deleted objects so there is no mean doing something on this kind of object.
Diffstat (limited to 'source4/dsdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 5c940992ae..6ca3fe84c6 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -2178,17 +2178,24 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac)
NTSTATUS status;
int ret;
struct ldb_result *res;
- const char *attrs[] = { "objectSid", NULL };
+ const char *attrs[] = { "objectSid", "isDeleted", NULL };
const char *noattrs[] = { NULL };
ldb = ldb_module_get_ctx(ac->module);
/* Finds out the SID/RID of the SAM object */
- ret = dsdb_module_search_dn(ac->module, ac, &res, ac->req->op.del.dn, attrs, DSDB_FLAG_NEXT_MODULE, ac->req);
+ ret = dsdb_module_search_dn(ac->module, ac, &res, ac->req->op.del.dn,
+ attrs,
+ DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_DELETED,
+ ac->req);
if (ret != LDB_SUCCESS) {
return ret;
}
+ if (ldb_msg_check_string_attribute(res->msgs[0], "isDeleted", "TRUE")) {
+ return LDB_SUCCESS;
+ }
+
sid = samdb_result_dom_sid(ac, res->msgs[0], "objectSid");
if (sid == NULL) {
/* No SID - it might not be a SAM object - therefore ok */