TODO pass DSDB_FLAG_AS_SYSTEM...

diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c
index 1a41ee231f2f22b3eaadfbe6df8088b4c8fd7f4e..ed7a196d46d877b46414304bdccbcd94bb3d3c92 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -112,7 +112,9 @@ static int acl_module_init(struct ldb_module *module)
        ret = dsdb_module_search_dn(module, mem_ctx, &res,
                                    ldb_dn_new(mem_ctx, ldb, "@KLUDGEACL"),
                                    attrs,
-                                   DSDB_FLAG_NEXT_MODULE, NULL);
+                                   DSDB_FLAG_NEXT_MODULE |
+                                   DSDB_FLAG_AS_SYSTEM,
+                                   NULL);
        if (ret != LDB_SUCCESS) {
                goto done;
        }
@@ -652,6 +654,7 @@ static int acl_check_spn(TALLOC_CTX *mem_ctx,
                                    &acl_res, req->op.mod.message->dn,
                                    acl_attrs,
                                    DSDB_FLAG_NEXT_MODULE |
+                                   DSDB_FLAG_AS_SYSTEM |
                                    DSDB_SEARCH_SHOW_DELETED, req);
        if (ret != LDB_SUCCESS) {
                talloc_free(tmp_ctx);
@@ -666,7 +669,8 @@ static int acl_check_spn(TALLOC_CTX *mem_ctx,
                                 &netbios_res, partitions_dn,
                                 LDB_SCOPE_ONELEVEL,
                                 netbios_attrs,
-                                DSDB_FLAG_NEXT_MODULE,
+                                DSDB_FLAG_NEXT_MODULE |
+                                DSDB_FLAG_AS_SYSTEM,
                                 req,
                                 "(ncName=%s)",
                                 ldb_dn_get_linearized(ldb_get_default_basedn(ldb)));
@@ -974,7 +978,9 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req)
        }
        ret = dsdb_module_search_dn(module, tmp_ctx, &acl_res, req->op.mod.message->dn,
                                    acl_attrs,
-                                   DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SHOW_DELETED,
+                                   DSDB_FLAG_NEXT_MODULE |
+                                   DSDB_FLAG_AS_SYSTEM |
+                                   DSDB_SEARCH_SHOW_DELETED,
                                    req);
 
        if (ret != LDB_SUCCESS) {
@@ -1257,6 +1263,7 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req)
        ret = dsdb_module_search_dn(module, tmp_ctx, &acl_res,
                                    req->op.rename.olddn, acl_attrs,
                                    DSDB_FLAG_NEXT_MODULE |
+                                   DSDB_FLAG_AS_SYSTEM |
                                    DSDB_SEARCH_SHOW_RECYCLED, req);
        /* we sould be able to find the parent */
        if (ret != LDB_SUCCESS) {
@@ -1462,6 +1469,7 @@ static int acl_search_callback(struct ldb_request *req, struct ldb_reply *ares)
                        ret = dsdb_module_search_dn(ac->module, ac, &acl_res, ares->message->dn, 
                                                    acl_attrs,
                                                    DSDB_FLAG_NEXT_MODULE |
+                                                   DSDB_FLAG_AS_SYSTEM |
                                                    DSDB_SEARCH_SHOW_DELETED, req);
                        if (ret != LDB_SUCCESS) {
                                return ldb_module_done(ac->req, NULL, NULL, ret);

diff --git a/source4/dsdb/samdb/ldb_modules/acl_read.c b/source4/dsdb/samdb/ldb_modules/acl_read.c
index e2a2d4cb9ae01a2faef2dd90a3c7e3dad537d463..15ce0dacba7a230d5b47b5afa80361dd4b1452d6 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/acl_read.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_read.c
@@ -287,6 +287,7 @@ static int aclread_search(struct ldb_module *module, struct ldb_request *req)
                ret = dsdb_module_search_dn(module, req, &res, req->op.search.base,
                                            acl_attrs,
                                            DSDB_FLAG_NEXT_MODULE |
+                                           DSDB_FLAG_AS_SYSTEM |
                                            DSDB_SEARCH_SHOW_DELETED, req);
                if (ret != LDB_SUCCESS) {
                        return ldb_error(ldb, ret,

diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c
index 50bf88869158e5a1ff9eb649956c2c7edd1f5c23..c25979de8d27a4fafa5dad2859d055da4ed78cc3 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/acl_util.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_util.c
@@ -74,6 +74,7 @@ int dsdb_module_check_access_on_dn(struct ldb_module *module,
        ret = dsdb_module_search_dn(module, mem_ctx, &acl_res, dn,
                                    acl_attrs,
                                    DSDB_FLAG_NEXT_MODULE |
+                                   DSDB_FLAG_AS_SYSTEM |
                                    DSDB_SEARCH_SHOW_RECYCLED,
                                    parent);
        if (ret != LDB_SUCCESS) {

diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index e6668bfee6d0cc96f1d1e278030f76e1455a146b..2a8f5b4d0c70c62643e9da068aeb34726d23dce6 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -521,7 +521,8 @@ static int descriptor_add(struct ldb_module *module, struct ldb_request *req)
                /* we aren't any NC */
                ret = dsdb_module_search_dn(module, req, &parent_res, parent_dn,
                                            parent_attrs,
-                                           DSDB_FLAG_NEXT_MODULE,
+                                           DSDB_FLAG_NEXT_MODULE |
+                                           DSDB_FLAG_AS_SYSTEM,
                                            req);
                if (ret != LDB_SUCCESS) {
                        ldb_debug(ldb, LDB_DEBUG_TRACE,"descriptor_add: Could not find SD for %s\n",
@@ -634,7 +635,7 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req)
        if (ldb_dn_is_special(dn)) {
                return ldb_next_request(module, req);
        }
-       flags = DSDB_FLAG_NEXT_MODULE;
+       flags = DSDB_FLAG_NEXT_MODULE | DSDB_FLAG_AS_SYSTEM;
        if (show_deleted_control) {
                flags |= DSDB_SEARCH_SHOW_DELETED;
        }
@@ -661,7 +662,8 @@ static int descriptor_modify(struct ldb_module *module, struct ldb_request *req)
                ret = dsdb_module_search_dn(module, state, &parent_res,
                                            parent_dn,
                                            parent_attrs,
-                                           DSDB_FLAG_NEXT_MODULE,
+                                           DSDB_FLAG_NEXT_MODULE |
+                                           DSDB_FLAG_AS_SYSTEM,
                                            req);
                if (ret != LDB_SUCCESS) {
                        ldb_debug(ldb, LDB_DEBUG_ERROR, "descriptor_modify: Could not find SD for %s\n",