summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/dsdb/repl/replicated_objects.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/source4/dsdb/repl/replicated_objects.c b/source4/dsdb/repl/replicated_objects.c
index ec4dffe0be..67999df573 100644
--- a/source4/dsdb/repl/replicated_objects.c
+++ b/source4/dsdb/repl/replicated_objects.c
@@ -202,6 +202,7 @@ WERROR dsdb_convert_object_ex(struct ldb_context *ldb,
uint32_t i;
struct ldb_message *msg;
struct replPropertyMetaDataBlob *md;
+ int instanceType;
struct ldb_val guid_value;
struct ldb_val parent_guid_value;
NTTIME whenChanged = 0;
@@ -352,12 +353,12 @@ WERROR dsdb_convert_object_ex(struct ldb_context *ldb,
}
+ instanceType = ldb_msg_find_attr_as_int(msg, "instanceType", 0);
if (dsdb_repl_flags & DSDB_REPL_FLAG_PARTIAL_REPLICA) {
/* the instanceType type for partial_replica
replication is sent via DRS with TYPE_WRITE set, but
must be used on the client with TYPE_WRITE removed
*/
- int instanceType = ldb_msg_find_attr_as_int(msg, "instanceType", 0);
if (instanceType & INSTANCE_TYPE_WRITE) {
instanceType &= ~INSTANCE_TYPE_WRITE;
ldb_msg_remove_attr(msg, "instanceType");
@@ -365,6 +366,12 @@ WERROR dsdb_convert_object_ex(struct ldb_context *ldb,
return WERR_INTERNAL_ERROR;
}
}
+ } else {
+ if (!(instanceType & INSTANCE_TYPE_WRITE)) {
+ DEBUG(0, ("Refusing to replicate %s from a read-only repilca into a read-write replica!\n",
+ ldb_dn_get_linearized(msg->dn)));
+ return WERR_DS_DRA_SOURCE_IS_PARTIAL_REPLICA;
+ }
}
whenChanged_t = nt_time_to_unix(whenChanged);