summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/lib/smbldap.c29
1 files changed, 15 insertions, 14 deletions
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index d4cf378e49..d9d73d943f 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -438,22 +438,23 @@ BOOL fetch_ldap_pw(char **dn, char** pw)
the old value, should it exist. */
if ((newval != NULL) && (strlen(newval) > 0)) {
- smbldap_set_mod(mods, LDAP_MOD_ADD, attribute, newval);
- }
+ if (existed) {
+ /* There has been no value before, so don't delete it.
+ * Here's a possible race: We might end up with
+ * duplicate attributes */
+ /* By deleting exactly the value we found in the entry this
+ * should be race-free in the sense that the LDAP-Server will
+ * deny the complete operation if somebody changed the
+ * attribute behind our back. */
+ /* This will also allow modifying single valued attributes
+ * in Novell NDS. In NDS you have to first remove attribute and then
+ * you could add new value */
+
+ smbldap_set_mod(mods, LDAP_MOD_DELETE, attribute, oldval);
+ }
- if (!existed) {
- /* There has been no value before, so don't delete it.
- Here's a possible race: We might end up with
- duplicate attributes */
- return;
+ smbldap_set_mod(mods, LDAP_MOD_ADD, attribute, newval);
}
-
- /* By deleting exactly the value we found in the entry this
- should be race-free in the sense that the LDAP-Server will
- deny the complete operation if somebody changed the
- attribute behind our back. */
-
- smbldap_set_mod(mods, LDAP_MOD_DELETE, attribute, oldval);
}
/**********************************************************************