Fixed some major bugs in inheritance and access checks.

Fixed sd creation not working on LDAP modify.
Fixed incorrect replacement of CO and CG.
Fixed incorrect access check on modify for SD modification.
Fixed failing sec_descriptor test and enabled it.
Fixed failing sd add test in ldap.python

2 files changed, 0 insertions, 2 deletions

diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail
index dafb57d947..527f2cd111 100644
--- a/source4/selftest/knownfail
+++ b/source4/selftest/knownfail
@@ -57,7 +57,6 @@ samba4.winbind.struct.*.LOOKUP_NAME_SID   # Not yet working in winbind
 ^samba4.*base.delaywrite.*update of write time using SET_END_OF_FILE$
 ^samba4.*base.delaywrite.*update of write time using SET_ALLOCATION_SIZE$
 ^samba4.ldap.python \(dc\).Test add_ldif\(\) with BASE64 security descriptor input using WRONG domain SID$
-^samba4.ldap.python \(dc\).Testing ldb.add_ldif\(\) for nTSecurityDescriptor
 # some operations don't work over the CIFS NTVFS backend yet (eg. root_fid)
 samba4.ntvfs.cifs.base.createx_access 
 samba4.ntvfs.cifs.base.createx_sharemodes_dir
diff --git a/source4/selftest/skip b/source4/selftest/skip
index bd3263d21e..2875acca87 100644
--- a/source4/selftest/skip
+++ b/source4/selftest/skip
@@ -65,7 +65,6 @@ samba4.rpc.countcalls # this is not useful now we have full IDL
 samba4.rap.scan # same thing here - we have docs now
 samba4.gensec.python # not finished
 bench # don't run benchmarks in our selftest
-samba4.ldap.secdesc.python # this is expected to fail until the acl module is complete
 trans2.scan # uses huge number of file descriptors
 base.scan.ioctl # bad idea in make test
 base.scan.pipe_number # bad idea in make test