summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c18
-rw-r--r--source4/dsdb/samdb/ldb_modules/util.c12
2 files changed, 20 insertions, 10 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index ee43d84398..04b8dff0e0 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -1009,7 +1009,8 @@ static int samldb_prim_group_change(struct samldb_ctx *ac)
struct ldb_dn *prev_prim_group_dn, *new_prim_group_dn;
int ret;
- el = dsdb_get_single_valued_attr(ac->msg, "primaryGroupID");
+ el = dsdb_get_single_valued_attr(ac->msg, "primaryGroupID",
+ ac->req->operation);
if (el == NULL) {
/* we are not affected */
return LDB_SUCCESS;
@@ -1154,7 +1155,8 @@ static int samldb_user_account_control_change(struct samldb_ctx *ac)
struct ldb_message *tmp_msg;
int ret;
- el = dsdb_get_single_valued_attr(ac->msg, "userAccountControl");
+ el = dsdb_get_single_valued_attr(ac->msg, "userAccountControl",
+ ac->req->operation);
if (el == NULL) {
/* we are not affected */
return LDB_SUCCESS;
@@ -1227,7 +1229,8 @@ static int samldb_group_type_change(struct samldb_ctx *ac)
struct ldb_message *tmp_msg;
int ret;
- el = dsdb_get_single_valued_attr(ac->msg, "groupType");
+ el = dsdb_get_single_valued_attr(ac->msg, "groupType",
+ ac->req->operation);
if (el == NULL) {
/* we are not affected */
return LDB_SUCCESS;
@@ -1313,7 +1316,8 @@ static int samldb_sam_accountname_check(struct samldb_ctx *ac)
struct ldb_message *tmp_msg;
int ret;
- el = dsdb_get_single_valued_attr(ac->msg, "sAMAccountName");
+ el = dsdb_get_single_valued_attr(ac->msg, "sAMAccountName",
+ ac->req->operation);
if (el == NULL) {
/* we are not affected */
return LDB_SUCCESS;
@@ -1487,8 +1491,10 @@ static int samldb_service_principal_names_change(struct samldb_ctx *ac)
unsigned int i;
int ret;
- el = dsdb_get_single_valued_attr(ac->msg, "dNSHostName");
- el2 = dsdb_get_single_valued_attr(ac->msg, "sAMAccountName");
+ el = dsdb_get_single_valued_attr(ac->msg, "dNSHostName",
+ ac->req->operation);
+ el2 = dsdb_get_single_valued_attr(ac->msg, "sAMAccountName",
+ ac->req->operation);
if ((el == NULL) && (el2 == NULL)) {
/* we are not affected */
return LDB_SUCCESS;
diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c
index 7d6fcc47ad..07a3d0ad07 100644
--- a/source4/dsdb/samdb/ldb_modules/util.c
+++ b/source4/dsdb/samdb/ldb_modules/util.c
@@ -1118,7 +1118,8 @@ void dsdb_req_chain_debug(struct ldb_request *req, int level)
* enhanced (no other modifications as deletions, variations).
*/
struct ldb_message_element *dsdb_get_single_valued_attr(struct ldb_message *msg,
- const char *attr_name)
+ const char *attr_name,
+ enum ldb_request_type operation)
{
struct ldb_message_element *el = NULL;
unsigned int i;
@@ -1129,9 +1130,12 @@ struct ldb_message_element *dsdb_get_single_valued_attr(struct ldb_message *msg,
* If "el" is NULL afterwards then that means there was no interesting
* change entry. */
for (i = 0; i < msg->num_elements; i++) {
- if ((ldb_attr_cmp(msg->elements[i].name, attr_name) == 0) &&
- (LDB_FLAG_MOD_TYPE(msg->elements[i].flags)
- != LDB_FLAG_MOD_DELETE)) {
+ if (ldb_attr_cmp(msg->elements[i].name, attr_name) == 0) {
+ if ((operation == LDB_MODIFY) &&
+ (LDB_FLAG_MOD_TYPE(msg->elements[i].flags)
+ == LDB_FLAG_MOD_DELETE)) {
+ continue;
+ }
el = &msg->elements[i];
}
}