From 508dfb885860a8134b80120410a6db4fa7515b9b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sun, 18 Nov 2012 20:04:56 +0100 Subject: [PATCH] schema inherit acl --- source4/dsdb/samdb/ldb_modules/schema_data.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/source4/dsdb/samdb/ldb_modules/schema_data.c b/source4/dsdb/samdb/ldb_modules/schema_data.c index 3e0bb9c9c475..3e174fe6efe7 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_data.c +++ b/source4/dsdb/samdb/ldb_modules/schema_data.c @@ -157,6 +157,11 @@ static int schema_data_add(struct ldb_module *module, struct ldb_request *req) return ldb_next_request(module, req); } + /* do not manipulate our control entries */ + if (ldb_dn_is_special(req->op.mod.message->dn)) { + return ldb_next_request(module, req); + } + schema = dsdb_get_schema(ldb, req); if (!schema) { return ldb_next_request(module, req); @@ -256,6 +261,7 @@ static int schema_data_modify(struct ldb_module *module, struct ldb_request *req int cmp; bool rodc = false; int ret; + struct ldb_control *sd_recalculate_control; ldb = ldb_module_get_ctx(module); @@ -274,6 +280,14 @@ static int schema_data_modify(struct ldb_module *module, struct ldb_request *req return ldb_next_request(module, req); } + sd_recalculate_control = ldb_request_get_control(req, + LDB_CONTROL_RECALCULATE_SD_OID); + if ((sd_recalculate_control != NULL) && + (sd_recalculate_control->data != NULL)) + { + return ldb_next_request(module, req); + } + schema = dsdb_get_schema(ldb, req); if (!schema) { return ldb_next_request(module, req); @@ -325,7 +339,7 @@ static int schema_data_modify(struct ldb_module *module, struct ldb_request *req if (!schema->fsmo.update_allowed && !rodc) { ldb_debug_set(ldb, LDB_DEBUG_ERROR, - "schema_data_add: updates are not allowed: reject request\n"); + "schema_data_modify: updates are not allowed: reject request\n"); return LDB_ERR_UNWILLING_TO_PERFORM; } -- 2.34.1