CVE-2019-14902 repl_meta_data: Fix issue where inherited Security Descriptors were...
authorAndrew Bartlett <abartlet@samba.org>
Tue, 26 Nov 2019 02:50:35 +0000 (15:50 +1300)
committerKarolin Seeger <kseeger@samba.org>
Tue, 21 Jan 2020 10:11:38 +0000 (10:11 +0000)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12497

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
selftest/knownfail.d/repl_secdesc
source4/dsdb/samdb/ldb_modules/repl_meta_data.c

index 7d554ff237a546c1000b41a2b03be94edee31362..13a9ce458dda1691d534efb2c1b1d92fcf6263ac 100644 (file)
@@ -1,3 +1,2 @@
 ^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_object_in_conflict
-^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inherit_existing_object
 ^samba4.drs.repl_secdesc.python\(.*\).repl_secdesc.ReplAclTestCase.test_acl_inheirt_renamed_child_object
index 5f29b955a94a7a361414ce4166f98c5c5ff86aa4..c15361cdc1bd49c19a897aed884b4007757e59c0 100644 (file)
@@ -5634,6 +5634,15 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar)
        replmd_ldb_message_sort(msg, ar->schema);
 
        if (!remote_isDeleted) {
+               /*
+                * Ensure any local ACL inheritence is applied from
+                * the parent object.
+                *
+                * This is needed because descriptor is above
+                * repl_meta_data in the module stack, so this will
+                * not be trigered 'naturally' by the flow of
+                * operations.
+                */
                ret = dsdb_module_schedule_sd_propagation(ar->module,
                                                          ar->objs->partition_dn,
                                                          msg->dn, true);
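Review bot: The new comment block on the add path misspells "inheritence" and "trigered", and the same "trigered" typo is repeated in the comment added to replmd_replicated_apply_merge in the second hunk; since these comments are the only record of why propagation has to be scheduled by hand here, they are worth getting right, e.g. `* Ensure any local ACL inheritance is applied from` and `* not be triggered 'naturally' by the flow of`. The `true` passed as the last argument is what makes the newly added object itself pick up inheritance from its parent, so a word to that effect in the comment would help a reader tell this call apart from the merge-path call that now passes `false`. The `ret` check that follows the call lies outside the hunk, as does the rest of replmd_replicated_apply_add.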
@@ -6335,9 +6344,20 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
        }
 
        if (sd_updated && !isDeleted) {
+               /*
+                * This is an existing object, so there is no need to
+                * inherit from the parent, but we must inherit any
+                * incoming changes to our child objects.
+                *
+                * This is needed because descriptor is above
+                * repl_meta_data in the module stack, so this will
+                * not be trigered 'naturally' by the flow of
+                * operations.
+                */
                ret = dsdb_module_schedule_sd_propagation(ar->module,
                                                          ar->objs->partition_dn,
-                                                         msg->dn, true);
+                                                         msg->dn,
+                                                         false);
                if (ret != LDB_SUCCESS) {
                        return ldb_operr(ldb);
                }
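Review bot: The bare `false` on the rewritten call reads as a magic value next to the `true` used on the add path, and nothing at the call site says what the flag selects; a short trailing comment such as `false /* existing object: propagate to children only */);` (or naming the parameter, which I believe is `include_self` — worth confirming against the helper's prototype) would tie the literal to the rationale given in the comment above it. The behavioural distinction the comment draws — no re-inheritance from the parent for an object that already exists locally, but propagation of the incoming change to its children — is exactly what a future maintainer will need when deciding whether to touch this flag, so it is worth keeping the call and the comment adjacent if the block is ever reorganised. The enclosing replmd_replicated_apply_merge begins outside the hunk.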