git.samba.org
/
kai
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
817f752
)
dlz_bind9: For creating a child entry, use only SEC_ADS_CREATE_CHILD
author
Amitay Isaacs
<amitay@gmail.com>
Tue, 29 Nov 2011 23:37:14 +0000
(10:37 +1100)
committer
Amitay Isaacs
<amitay@gmail.com>
Tue, 6 Dec 2011 23:41:26 +0000
(10:41 +1100)
The member servers in AD do not have access to modify the parent, but
do have access to create child DNS records.
source4/dns_server/dlz_bind9.c
patch
|
blob
|
history
diff --git
a/source4/dns_server/dlz_bind9.c
b/source4/dns_server/dlz_bind9.c
index 87476d34446ed9a9ea45a4cc59c53d29b4c08164..cb4144d5987a4e1cb58ac03e6bc7ccceab9e16ec 100644
(file)
--- a/
source4/dns_server/dlz_bind9.c
+++ b/
source4/dns_server/dlz_bind9.c
@@
-1133,7
+1133,7
@@
_PUBLIC_ isc_boolean_t dlz_ssumatch(const char *signer, const char *name, const
attrs, "objectClass=dnsNode");
if (ldb_ret == LDB_ERR_NO_SUCH_OBJECT) {
ldb_dn_remove_child_components(dn, 1);
- access_mask = SEC_
STD_REQUIRED | SEC_
ADS_CREATE_CHILD;
+ access_mask = SEC_ADS_CREATE_CHILD;
talloc_free(res);
} else if (ldb_ret == LDB_SUCCESS) {
access_mask = SEC_STD_REQUIRED | SEC_ADS_SELF_WRITE;