From cb9c7ee79b2f4e8c875bd15c1fddee90648eec19 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 24 Nov 2012 15:25:06 +0100 Subject: s4:dsdb/objectclass_attrs: allow DSDB_CONTROL_SEC_DESC_PROPAGATION_OID on modify Signed-off-by: Stefan Metzmacher Reviewed-by: Michael Adam --- source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source4/dsdb') diff --git a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c index c521f332ae..316dcf8c14 100644 --- a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c +++ b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c @@ -600,6 +600,9 @@ static int objectclass_attrs_modify(struct ldb_module *module, struct ldb_request *req) { struct ldb_context *ldb; + struct ldb_control *sd_propagation_control; + int ret; + struct oc_context *ac; ldb = ldb_module_get_ctx(module); @@ -611,6 +614,21 @@ static int objectclass_attrs_modify(struct ldb_module *module, return ldb_next_request(module, req); } + sd_propagation_control = ldb_request_get_control(req, + DSDB_CONTROL_SEC_DESC_PROPAGATION_OID); + if (sd_propagation_control != NULL) { + if (req->op.mod.message->num_elements != 1) { + return ldb_module_operr(module); + } + ret = strcmp(req->op.mod.message->elements[0].name, + "nTSecurityDescriptor"); + if (ret != 0) { + return ldb_module_operr(module); + } + + return ldb_next_request(module, req); + } + ac = oc_init_context(module, req); if (ac == NULL) { return ldb_operr(ldb); -- cgit