From 21cf5c82a2e23cfef8aa2ba0d0251c94564620e0 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Sat, 20 Jan 2007 09:46:42 +0000
Subject: r20921: - only give password attributes to the SYSTEM account - but
 SYSTEM and administrators can change them

metze
(This used to be commit fc5319e927d96b68d8bd90a01e10aa00a6ddf494)
---
 source4/dsdb/samdb/ldb_modules/kludge_acl.c | 2 --
 1 file changed, 2 deletions(-)

(limited to 'source4/dsdb')

diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
index 8876db0482..e2a11cf87d 100644
--- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c
+++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
@@ -126,7 +126,6 @@ static int kludge_acl_callback(struct ldb_context *ldb, void *context, struct ld
 	{
 		switch (ac->user_type) {
 		case SYSTEM:
-		case ADMINISTRATOR:
 			break;
 		default:
 			/* remove password attributes */
@@ -183,7 +182,6 @@ static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req)
 	   just as we would not allow that attribute to be returned */
 	switch (ac->user_type) {
 	case SYSTEM:
-	case ADMINISTRATOR:
 		break;
 	default:
 		/* remove password attributes */
-- 
cgit