summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index c31e1ad4bf..4d7b8a1b6d 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -830,6 +830,12 @@ static int samldb_objectclass_trigger(struct samldb_ctx *ac)
/* Step 1.3: "userAccountControl" -> "sAMAccountType" mapping */
user_account_control = strtoul((const char *)el->values[0].data,
NULL, 0);
+
+ /* Temporary duplicate accounts aren't allowed */
+ if ((user_account_control & UF_TEMP_DUPLICATE_ACCOUNT) != 0) {
+ return LDB_ERR_OTHER;
+ }
+
account_type = ds_uf2atype(user_account_control);
if (account_type == 0) {
ldb_set_errstring(ldb, "samldb: Unrecognized account type!");
@@ -1386,6 +1392,12 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req)
user_account_control = strtoul((const char *)el->values[0].data,
NULL, 0);
+
+ /* Temporary duplicate accounts aren't allowed */
+ if ((user_account_control & UF_TEMP_DUPLICATE_ACCOUNT) != 0) {
+ return LDB_ERR_OTHER;
+ }
+
account_type = ds_uf2atype(user_account_control);
if (account_type == 0) {
ldb_set_errstring(ldb, "samldb: Unrecognized account type!");
generated by cgit (git 2.34.1) at 2024-11-05 08:13:14 +0000