enum op_remove {
OPERATIONAL_REMOVE_ALWAYS, /* remove always */
OPERATIONAL_REMOVE_UNASKED,/* remove if not requested */
+ OPERATIONAL_REMOVE_NOBYPASS_OR_UNASKED,/* remove if not requested or if bypassoperational is not set */
OPERATIONAL_SD_FLAGS, /* show if SD_FLAGS_OID set, or asked for */
OPERATIONAL_REMOVE_UNLESS_CONTROL /* remove always unless an adhoc control has been specified */
};
{ "nTSecurityDescriptor", OPERATIONAL_SD_FLAGS },
{ "msDS-KeyVersionNumber", OPERATIONAL_REMOVE_UNLESS_CONTROL },
{ "parentGUID", OPERATIONAL_REMOVE_ALWAYS },
- { "replPropertyMetaData", OPERATIONAL_REMOVE_UNASKED },
+ { "replPropertyMetaData", OPERATIONAL_REMOVE_NOBYPASS_OR_UNASKED },
#define _SEP ,OPERATIONAL_REMOVE_UNASKED},{
{ DSDB_SECRET_ATTRIBUTES_EX(_SEP), OPERATIONAL_REMOVE_UNASKED }
};
/* removed any attrs that should not be shown to the user */
for (i=0; i<ARRAY_SIZE(operational_remove); i++) {
switch (operational_remove[i].op) {
+ case OPERATIONAL_REMOVE_NOBYPASS_OR_UNASKED:
+ if (controls_flags->bypassoperational) {
+ continue;
+ }
case OPERATIONAL_REMOVE_UNASKED:
if (ldb_attr_in_list(attrs_from_user, operational_remove[i].attr)) {
continue;