s4-dsdb: set LDB_FLAG_INTERNAL_DISABLE_VALIDATION for msDS-SecondaryKrbTgtNumber

msDS-SecondaryKrbTgtNumber is setup with a value that is outside the
range allowed by the schema (the schema has
rangeLower==rangeUpper==65536). We need to mark this element as being
internally generated to avoid the range checks

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 2b46867b1ad37017e1c7ff09badbe2afb5e80363..ac8dff938e838b46f0b062956bbd5167b67d6a2a 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -373,6 +373,7 @@ static int samldb_rodc_add(struct samldb_ctx *ac)
 {
        struct ldb_context *ldb = ldb_module_get_ctx(ac->module);
        unsigned krbtgt_number, i_start, i;
+       int ret;
 
        /* find a unused msDC-SecondaryKrbTgtNumber */
        i_start = generate_random() & 0xFFFF;
@@ -399,7 +400,13 @@ static int samldb_rodc_add(struct samldb_ctx *ac)
        return LDB_ERR_OTHER;
 
 found:
-       if (ldb_msg_add_fmt(ac->msg, "msDS-SecondaryKrbTgtNumber", "%u", krbtgt_number) != LDB_SUCCESS) {
+       ret = ldb_msg_add_empty(ac->msg, "msDS-SecondaryKrbTgtNumber", LDB_FLAG_INTERNAL_DISABLE_VALIDATION, NULL);
+       if (ret != LDB_SUCCESS) {
+               return ldb_operr(ldb);
+       }
+
+       ret = ldb_msg_add_fmt(ac->msg, "msDS-SecondaryKrbTgtNumber", "%u", krbtgt_number);
+       if (ret != LDB_SUCCESS) {
                return ldb_operr(ldb);
        }