diff options
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 18 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/util.c | 12 |
2 files changed, 20 insertions, 10 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index ee43d84398..04b8dff0e0 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -1009,7 +1009,8 @@ static int samldb_prim_group_change(struct samldb_ctx *ac) struct ldb_dn *prev_prim_group_dn, *new_prim_group_dn; int ret; - el = dsdb_get_single_valued_attr(ac->msg, "primaryGroupID"); + el = dsdb_get_single_valued_attr(ac->msg, "primaryGroupID", + ac->req->operation); if (el == NULL) { /* we are not affected */ return LDB_SUCCESS; @@ -1154,7 +1155,8 @@ static int samldb_user_account_control_change(struct samldb_ctx *ac) struct ldb_message *tmp_msg; int ret; - el = dsdb_get_single_valued_attr(ac->msg, "userAccountControl"); + el = dsdb_get_single_valued_attr(ac->msg, "userAccountControl", + ac->req->operation); if (el == NULL) { /* we are not affected */ return LDB_SUCCESS; @@ -1227,7 +1229,8 @@ static int samldb_group_type_change(struct samldb_ctx *ac) struct ldb_message *tmp_msg; int ret; - el = dsdb_get_single_valued_attr(ac->msg, "groupType"); + el = dsdb_get_single_valued_attr(ac->msg, "groupType", + ac->req->operation); if (el == NULL) { /* we are not affected */ return LDB_SUCCESS; @@ -1313,7 +1316,8 @@ static int samldb_sam_accountname_check(struct samldb_ctx *ac) struct ldb_message *tmp_msg; int ret; - el = dsdb_get_single_valued_attr(ac->msg, "sAMAccountName"); + el = dsdb_get_single_valued_attr(ac->msg, "sAMAccountName", + ac->req->operation); if (el == NULL) { /* we are not affected */ return LDB_SUCCESS; @@ -1487,8 +1491,10 @@ static int samldb_service_principal_names_change(struct samldb_ctx *ac) unsigned int i; int ret; - el = dsdb_get_single_valued_attr(ac->msg, "dNSHostName"); - el2 = dsdb_get_single_valued_attr(ac->msg, "sAMAccountName"); + el = dsdb_get_single_valued_attr(ac->msg, "dNSHostName", + ac->req->operation); + el2 = dsdb_get_single_valued_attr(ac->msg, "sAMAccountName", + ac->req->operation); if ((el == NULL) && (el2 == NULL)) { /* we are not affected */ return LDB_SUCCESS; diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c index 7d6fcc47ad..07a3d0ad07 100644 --- a/source4/dsdb/samdb/ldb_modules/util.c +++ b/source4/dsdb/samdb/ldb_modules/util.c @@ -1118,7 +1118,8 @@ void dsdb_req_chain_debug(struct ldb_request *req, int level) * enhanced (no other modifications as deletions, variations). */ struct ldb_message_element *dsdb_get_single_valued_attr(struct ldb_message *msg, - const char *attr_name) + const char *attr_name, + enum ldb_request_type operation) { struct ldb_message_element *el = NULL; unsigned int i; @@ -1129,9 +1130,12 @@ struct ldb_message_element *dsdb_get_single_valued_attr(struct ldb_message *msg, * If "el" is NULL afterwards then that means there was no interesting * change entry. */ for (i = 0; i < msg->num_elements; i++) { - if ((ldb_attr_cmp(msg->elements[i].name, attr_name) == 0) && - (LDB_FLAG_MOD_TYPE(msg->elements[i].flags) - != LDB_FLAG_MOD_DELETE)) { + if (ldb_attr_cmp(msg->elements[i].name, attr_name) == 0) { + if ((operation == LDB_MODIFY) && + (LDB_FLAG_MOD_TYPE(msg->elements[i].flags) + == LDB_FLAG_MOD_DELETE)) { + continue; + } el = &msg->elements[i]; } } |