s4:objectclass LDB module - weak the check for the "rIDSet" delete constraint

Perform it only when a "rIDSet" does exist. Requested by ekacnet for
"upgradeprovision".

diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 9c2e416dcc93fdb4197b05c54dd2f2605d13a73c..548d51e6141312afca56adaa8bf0fb658a2279d1 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -1366,20 +1366,22 @@ static int objectclass_do_delete(struct oc_context *ac)
        }
 
        /* DC's rIDSet object */
+       /* Perform this check only when it does exist - this is needed in order
+        * to don't let existing provisions break. */
        ret = samdb_rid_set_dn(ldb, ac, &dn);
-       if (ret != LDB_SUCCESS) {
+       if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
                return ret;
        }
-
-       if (ldb_dn_compare(ac->req->op.del.dn, dn) == 0) {
+       if (ret == LDB_SUCCESS) {
+               if (ldb_dn_compare(ac->req->op.del.dn, dn) == 0) {
+                       talloc_free(dn);
+                       ldb_asprintf_errstring(ldb, "objectclass: Cannot delete %s, it's the DC's rIDSet object!",
+                                              ldb_dn_get_linearized(ac->req->op.del.dn));
+                       return LDB_ERR_UNWILLING_TO_PERFORM;
+               }
                talloc_free(dn);
-               ldb_asprintf_errstring(ldb, "objectclass: Cannot delete %s, it's the DC's rIDSet object!",
-                                      ldb_dn_get_linearized(ac->req->op.del.dn));
-               return LDB_ERR_UNWILLING_TO_PERFORM;
        }
 
-       talloc_free(dn);
-
        /* crossRef objects regarding config, schema and default domain NCs */
        if (samdb_find_attribute(ldb, ac->search_res->message, "objectClass",
                                 "crossRef") != NULL) {