git.samba.org
/
metze
/
samba
/
wip.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c82a816
)
s4-samdb: when UF_SERVER_TRUST_ACCOUNT is set mark object as critical
author
Andrew Tridgell
<tridge@samba.org>
Fri, 25 Sep 2009 22:14:43 +0000
(15:14 -0700)
committer
Andrew Tridgell
<tridge@samba.org>
Mon, 28 Sep 2009 00:24:13 +0000
(10:24 +1000)
We may also need to remove the isCriticalSystemObject when the machine
is demoted
source4/dsdb/samdb/ldb_modules/samldb.c
patch
|
blob
|
history
diff --git
a/source4/dsdb/samdb/ldb_modules/samldb.c
b/source4/dsdb/samdb/ldb_modules/samldb.c
index 8f51dc7699c2fe73460bb01b74be33171cd571c9..e59b5dd1ce737bd7310e9e94dfcc40059aec2529 100644
(file)
--- a/
source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/
source4/dsdb/samdb/ldb_modules/samldb.c
@@
-2005,6
+2005,16
@@
static int samldb_modify(struct ldb_module *module, struct ldb_request *req)
}
el2 = ldb_msg_find_element(msg, "sAMAccountType");
el2->flags = LDB_FLAG_MOD_REPLACE;
+
+ if (user_account_control & UF_SERVER_TRUST_ACCOUNT) {
+ ret = samdb_msg_add_string(ldb, msg, msg,
+ "isCriticalSystemObject", "TRUE");
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+ el2 = ldb_msg_find_element(msg, "isCriticalSystemObject");
+ el2->flags = LDB_FLAG_MOD_REPLACE;
+ }
}
el = ldb_msg_find_element(req->op.mod.message, "primaryGroupID");