flags = SECINFO_OWNER | SECINFO_GROUP | SECINFO_SACL | SECINFO_DACL;
}
else {
+ const struct dsdb_attribute *attr;
+
+ attr = dsdb_attribute_by_lDAPDisplayName(ac->schema,
+ "nTSecurityDescriptor");
+ if (attr == NULL) {
+ return ldb_operr(ldb);
+ }
+
/* Get the security descriptor from the message */
ret = dsdb_get_sd_from_ldb_message(ldb, msg, sd_msg, &sd);
if (ret != LDB_SUCCESS) {
sd,
sid,
SEC_STD_WRITE_OWNER,
- NULL);
+ attr);
if (ret == LDB_SUCCESS) {
flags |= SECINFO_OWNER | SECINFO_GROUP;
}
sd,
sid,
SEC_STD_WRITE_DAC,
- NULL);
+ attr);
if (ret == LDB_SUCCESS) {
flags |= SECINFO_DACL;
}
sd,
sid,
SEC_FLAG_SYSTEM_SECURITY,
- NULL);
+ attr);
if (ret == LDB_SUCCESS) {
flags |= SECINFO_SACL;
}