};
struct acl_private {
+ bool acl_search;
const char **password_attrs;
void *cached_schema_ptr;
uint64_t cached_schema_metadata_usn;
return ldb_oom(ldb);
}
+ data->acl_search = lpcfg_parm_bool(ldb_get_opaque(ldb, "loadparm"),
+ NULL, "acl", "search", false);
ldb_module_set_private(module, data);
mem_ctx = talloc_new(module);
struct dsdb_attribute *a;
uint32_t n = 0;
+ if (data->acl_search) {
+ /*
+ * If acl:search is activated, the acl_read module
+ * protects confidential attributes.
+ */
+ return LDB_SUCCESS;
+ }
+
if ((ac->schema == data->cached_schema_ptr) &&
(ac->schema->loaded_usn == data->cached_schema_loaded_usn) &&
(ac->schema->metadata_usn == data->cached_schema_metadata_usn))