From ca8b86c51a5941555d61b02b82fb6b7c4e674f08 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vlendec@samba.org>
Date: Tue, 20 Jun 2006 20:05:39 +0000
Subject: r16427: Fix bug # 3848. Thanks to Wilco Baan Hofman for testing the
 release candidate!

Volker
(This used to be commit adf2dcce09ae29a8c1677b25e1cd5f022b804d01)
---
 source3/passdb/pdb_ldap.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'source3')

diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 2a824c137f..4a9794e186 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -1796,6 +1796,19 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, struc
 	ldap_mods_free(mods,True);
 	SAFE_FREE(dn);
 
+	/*
+	 * We need to set the backend private data to NULL here. For example
+	 * setuserinfo level 25 does a pdb_update_sam_account twice on the
+	 * same one, and with the explicit delete / add logic for attribute
+	 * values the second time we would use the wrong "old" value which
+	 * does not exist in LDAP anymore. Thus the LDAP server would refuse
+	 * the update.
+	 * The existing LDAPMessage is still being auto-freed by the
+	 * destructor.
+	 */
+	pdb_set_backend_private_data(newpwd, NULL, NULL, my_methods,
+				     PDB_CHANGED);
+
 	if (!NT_STATUS_IS_OK(ret)) {
 		return ret;
 	}
-- 
cgit