s4:dsdb/acl_read: do search for instanceType AS_SYSTEM and with SHOW_RECYCLED

Note that SHOW_RECYCLED implies SHOW_DELETED.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source4/dsdb/samdb/ldb_modules/acl_read.c b/source4/dsdb/samdb/ldb_modules/acl_read.c
index e2a2d4cb9ae01a2faef2dd90a3c7e3dad537d463..bc75d3221bf02c0945b86a2deabd26e7d3acdd41 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/acl_read.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_read.c
@@ -287,7 +287,9 @@ static int aclread_search(struct ldb_module *module, struct ldb_request *req)
                ret = dsdb_module_search_dn(module, req, &res, req->op.search.base,
                                            acl_attrs,
                                            DSDB_FLAG_NEXT_MODULE |
-                                           DSDB_SEARCH_SHOW_DELETED, req);
+                                           DSDB_FLAG_AS_SYSTEM |
+                                           DSDB_SEARCH_SHOW_RECYCLED,
+                                           req);
                if (ret != LDB_SUCCESS) {
                        return ldb_error(ldb, ret,
                                        "acl_read: Error retrieving instanceType for base.");