From 327d2be4529722b69e1663858f634a79c5091ed9 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 17 Nov 2008 10:51:39 +0100
Subject: s4:dsdb/samdb: don't allow objects without objectClass

We're using @ROOTDSE instead of CN=ROOTDSE.

metze
---
 source4/dsdb/samdb/ldb_modules/objectclass.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source4')

diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 7d00851792..1d240a33fe 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -414,10 +414,10 @@ static int objectclass_add(struct ldb_module *module, struct ldb_request *req)
 		return ldb_next_request(module, req);
 	}
 
-	/* Need to object to this, but cn=rootdse doesn't have an objectClass... */
+	/* the objectClass must be specified on add */
 	if (ldb_msg_find_element(req->op.add.message, 
 				 "objectClass") == NULL) {
-		return ldb_next_request(module, req);
+		return LDB_ERR_OBJECT_CLASS_VIOLATION;
 	}
 
 	ac = oc_init_context(module, req);
-- 
cgit