From bf49ac99c94e4d937fd8d0532761b5635e372d84 Mon Sep 17 00:00:00 2001
From: Kamen Mazdrashki <kamenim@samba.org>
Date: Mon, 26 Apr 2010 00:22:53 +0300
Subject: s4/dsdb: dsdb_validate_invocation_id() should validate by objectGUID

This function is used in DRSUpdateRefs() implementation where we
get DSA's objectGUID rather than invocationId
---
 source4/rpc_server/drsuapi/updaterefs.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'source4/rpc_server/drsuapi')

diff --git a/source4/rpc_server/drsuapi/updaterefs.c b/source4/rpc_server/drsuapi/updaterefs.c
index 0403db8f88..d52a77959a 100644
--- a/source4/rpc_server/drsuapi/updaterefs.c
+++ b/source4/rpc_server/drsuapi/updaterefs.c
@@ -211,10 +211,10 @@ WERROR dcesrv_drsuapi_DsReplicaUpdateRefs(struct dcesrv_call_state *dce_call, TA
 
 	security_level = security_session_user_level(dce_call->conn->auth_state.session_info, NULL);
 	if (security_level < SECURITY_ADMINISTRATOR) {
-		/* check that they are using an invocationId that they own */
-		ret = dsdb_validate_invocation_id(b_state->sam_ctx,
-						  &req->dest_dsa_guid,
-						  dce_call->conn->auth_state.session_info->security_token->user_sid);
+		/* check that they are using an DSA objectGUID that they own */
+		ret = dsdb_validate_dsa_guid(b_state->sam_ctx,
+		                             &req->dest_dsa_guid,
+		                             dce_call->conn->auth_state.session_info->security_token->user_sid);
 		if (ret != LDB_SUCCESS) {
 			DEBUG(0,(__location__ ": Refusing DsReplicaUpdateRefs for sid %s with GUID %s\n",
 				 dom_sid_string(mem_ctx,
-- 
cgit