git.samba.org / metze / samba / wip.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 58e1272)
schema inherit acl
authorStefan Metzmacher <metze@samba.org>
Sun, 18 Nov 2012 19:04:56 +0000 (20:04 +0100)
committerStefan Metzmacher <metze@samba.org>
Mon, 19 Nov 2012 11:02:12 +0000 (12:02 +0100)
source4/dsdb/samdb/ldb_modules/schema_data.c patch | blob | history

diff --git a/source4/dsdb/samdb/ldb_modules/schema_data.c b/source4/dsdb/samdb/ldb_modules/schema_data.c
index 3e0bb9c9c47585701b4e20a11870de21754e3bed..3e174fe6efe7d6e27f8222d566626855492af5fc 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/schema_data.c
+++ b/source4/dsdb/samdb/ldb_modules/schema_data.c
@@ -157,6 +157,11 @@ static int schema_data_add(struct ldb_module *module, struct ldb_request *req)
                return ldb_next_request(module, req);
        }
 
+       /* do not manipulate our control entries */
+       if (ldb_dn_is_special(req->op.mod.message->dn)) {
+               return ldb_next_request(module, req);
+       }
+
        schema = dsdb_get_schema(ldb, req);
        if (!schema) {
                return ldb_next_request(module, req);
@@ -256,6 +261,7 @@ static int schema_data_modify(struct ldb_module *module, struct ldb_request *req
        int cmp;
        bool rodc = false;
        int ret;
+       struct ldb_control *sd_recalculate_control;
 
        ldb = ldb_module_get_ctx(module);
 
@@ -274,6 +280,14 @@ static int schema_data_modify(struct ldb_module *module, struct ldb_request *req
                return ldb_next_request(module, req);
        }
 
+       sd_recalculate_control = ldb_request_get_control(req,
+                                            LDB_CONTROL_RECALCULATE_SD_OID);
+       if ((sd_recalculate_control != NULL) &&
+           (sd_recalculate_control->data != NULL))
+       {
+               return ldb_next_request(module, req);
+       }
+
        schema = dsdb_get_schema(ldb, req);
        if (!schema) {
                return ldb_next_request(module, req);
@@ -325,7 +339,7 @@ static int schema_data_modify(struct ldb_module *module, struct ldb_request *req
 
        if (!schema->fsmo.update_allowed && !rodc) {
                ldb_debug_set(ldb, LDB_DEBUG_ERROR,
-                         "schema_data_add: updates are not allowed: reject request\n");
+                         "schema_data_modify: updates are not allowed: reject request\n");
                return LDB_ERR_UNWILLING_TO_PERFORM;
        }
 
Work in progress branches