s4:dsdb/samdb: don't allow objects without objectClass

We're using @ROOTDSE instead of CN=ROOTDSE.

metze

diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 7d00851792c04053c2b5cb3628eda2d4ce8bcc81..1d240a33fe7f46d9235de15c3f2d1a9fd245f3df 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -414,10 +414,10 @@ static int objectclass_add(struct ldb_module *module, struct ldb_request *req)
                return ldb_next_request(module, req);
        }
 
-       /* Need to object to this, but cn=rootdse doesn't have an objectClass... */
+       /* the objectClass must be specified on add */
        if (ldb_msg_find_element(req->op.add.message, 
                                 "objectClass") == NULL) {
-               return ldb_next_request(module, req);
+               return LDB_ERR_OBJECT_CLASS_VIOLATION;
        }
 
        ac = oc_init_context(module, req);