[SCM] Samba Shared Repository - branch master updated

Mon, 15 Nov 2010 05:10:56 -0800 

The branch, master has been updated
       via  16e73c6 s4:objectclass LDB module - implement the "objectClass" 
change restrictions on Windows 2000 forest function level
      from  c3e24bb heimdal_base: Fix include path so heim_threads.h can be 
found.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 16e73c68cb18fe428e83ee1b5ef9e17af743fae4
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date:   Mon Nov 15 13:00:58 2010 +0100

    s4:objectclass LDB module - implement the "objectClass" change restrictions 
on Windows 2000 forest function level
    
    Autobuild-User: Matthias Dieter Wallnöfer <m...@samba.org>
    Autobuild-Date: Mon Nov 15 13:10:05 UTC 2010 on sn-devel-104

-----------------------------------------------------------------------

Summary of changes:
 source4/dsdb/samdb/ldb_modules/objectclass.c |   25 +++++++++++++++++++++++++
 1 files changed, 25 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c 
b/source4/dsdb/samdb/ldb_modules/objectclass.c
index e863d48..5e3226a 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -840,6 +840,31 @@ static int objectclass_modify(struct ldb_module *module, 
struct ldb_request *req
                oc_changes = true;
        }
 
+       /* MS-ADTS 3.1.1.5.3.5 - on a forest level < 2003 we do allow updates
+        * only on application NCs - not on the standard DCs */
+       if (oc_changes &&
+           (dsdb_forest_functional_level(ldb) < DS_DOMAIN_FUNCTION_2003)) {
+               int cnt = samdb_search_count(ldb, ac,
+                                            ldb_get_default_basedn(ldb),
+                                            "(distinguishedName=%s)",
+                                            
ldb_dn_get_linearized(req->op.mod.message->dn));
+               if (cnt == 0) {
+                       cnt = samdb_search_count(ldb, ac,
+                                                ldb_get_config_basedn(ldb),
+                                                "(distinguishedName=%s)",
+                                                
ldb_dn_get_linearized(req->op.mod.message->dn));
+               }
+               if (cnt == 0) {
+                       cnt = samdb_search_count(ldb, ac,
+                                                ldb_get_schema_basedn(ldb),
+                                                "(distinguishedName=%s)",
+                                                
ldb_dn_get_linearized(req->op.mod.message->dn));
+               }
+               if (cnt != 0) {
+                       return LDB_ERR_UNWILLING_TO_PERFORM;
+               }
+       }
+
        ret = ldb_build_mod_req(&down_req, ldb, ac,
                                msg,
                                req->controls, ac,


-- 
Samba Shared Repository

Reply via email to