summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/dsdb/samdb/ldb_modules/objectclass.c29
1 files changed, 12 insertions, 17 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 59f6cb0191..4feb8c3849 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -401,13 +401,6 @@ static int objectclass_add(struct ldb_module *module, struct ldb_request *req)
}
}
- /* the various objectclasses must be specified on add operations */
- if (ldb_msg_find_element(req->op.add.message, "objectClass") == NULL) {
- ldb_asprintf_errstring(ldb, "objectclass: Cannot add %s, no objectclass specified!",
- ldb_dn_get_linearized(req->op.add.message->dn));
- return LDB_ERR_OBJECT_CLASS_VIOLATION;
- }
-
ac = oc_init_context(module, req);
if (ac == NULL) {
return ldb_operr(ldb);
@@ -494,14 +487,16 @@ static int objectclass_do_add(struct oc_context *ac)
}
if (ac->schema != NULL) {
- /* This is now the objectClass list from the database */
objectclass_element = ldb_msg_find_element(msg, "objectClass");
-
if (!objectclass_element) {
- /* Where did it go? bail now... */
+ ldb_asprintf_errstring(ldb, "objectclass: Cannot add %s, no objectclass specified!",
+ ldb_dn_get_linearized(msg->dn));
talloc_free(mem_ctx);
- return ldb_operr(ldb);
+ return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
+
+ /* Here we do now get the "objectClass" list from the
+ * database. */
ret = objectclass_sort(ac->module, ac->schema, mem_ctx,
objectclass_element, &sorted);
if (ret != LDB_SUCCESS) {
@@ -570,6 +565,12 @@ static int objectclass_do_add(struct oc_context *ac)
return LDB_ERR_NAMING_VIOLATION;
}
+ if (objectclass->systemOnly && !ldb_request_get_control(ac->req, LDB_CONTROL_RELAX_OID)) {
+ ldb_asprintf_errstring(ldb, "objectClass %s is systemOnly, rejecting creation of %s",
+ objectclass->lDAPDisplayName, ldb_dn_get_linearized(msg->dn));
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+
if (ac->search_res && ac->search_res->message) {
struct ldb_message_element *oc_el
= ldb_msg_find_element(ac->search_res->message, "objectClass");
@@ -600,12 +601,6 @@ static int objectclass_do_add(struct oc_context *ac)
}
}
- if (objectclass->systemOnly && !ldb_request_get_control(ac->req, LDB_CONTROL_RELAX_OID)) {
- ldb_asprintf_errstring(ldb, "objectClass %s is systemOnly, rejecting creation of %s",
- objectclass->lDAPDisplayName, ldb_dn_get_linearized(msg->dn));
- return LDB_ERR_UNWILLING_TO_PERFORM;
- }
-
if (!ldb_msg_find_element(msg, "objectCategory")) {
struct dsdb_extended_dn_store_format *dn_format = talloc_get_type(ldb_module_get_private(ac->module), struct dsdb_extended_dn_store_format);
if (dn_format && dn_format->store_extended_dn_in_ldb == false) {