summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/dsdb/samdb/ldb_modules/local_password.c18
1 files changed, 6 insertions, 12 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/local_password.c b/source4/dsdb/samdb/ldb_modules/local_password.c
index f544689b8b..c0e1e9a4bb 100644
--- a/source4/dsdb/samdb/ldb_modules/local_password.c
+++ b/source4/dsdb/samdb/ldb_modules/local_password.c
@@ -39,13 +39,15 @@
#define PASSWORD_GUID_ATTR "masterGUID"
-/* This module maintains a local password database, seperate from the main LDAP server.
+/* This module maintains a local password database, separate from the main LDAP
+ server.
- This allows the password database to be syncronised in a multi-master
+ This allows the password database to be synchronised in a multi-master
fashion, seperate to the more difficult concerns of the main
- database. (With passwords, the last writer always wins)
+ database. (With passwords, the last writer always wins)
- Each incoming add/modify is split into a remote, and a local request, done in that order.
+ Each incoming add/modify is split into a remote, and a local request, done
+ in that order.
We maintain a list of attributes that are kept locally - perhaps
this should use the @KLUDGE_ACL list of passwordAttribute
@@ -173,14 +175,6 @@ static int local_password_add(struct ldb_module *module, struct ldb_request *req
return ldb_next_request(module, req);
}
- /* TODO: remove this when userPassword will be in schema */
- if (!ldb_msg_check_string_attribute(req->op.add.message, "objectClass", "person")) {
- ldb_asprintf_errstring(ldb,
- "Cannot relocate a password on entry: %s, does not have objectClass 'person'",
- ldb_dn_get_linearized(req->op.add.message->dn));
- return LDB_ERR_OBJECT_CLASS_VIOLATION;
- }
-
/* From here, we assume we have password attributes to split off */
ac = lpdb_init_context(module, req);
if (!ac) {