git.samba.org / ira / wip.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
s4:objectclass LDB module - LSA objects - allow them if the SYSTEM control is specified
[ira/wip.git] / source4 / rpc_server / lsa / dcesrv_lsa.c
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 4014ae0742b9fc45fef8c50dae83627818bef3c7..1b55824bb12d041b9ac9e144d16e3a58639aad8b 100644 (file)
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1056,7 +1056,7 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc
        trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msg->dn);
 
        /* create the trusted_domain */
-       ret = dsdb_add(sam_ldb, msg, DSDB_MODIFY_RELAX);
+       ret = dsdb_add(sam_ldb, msg, DSDB_FLAG_AS_SYSTEM);
        switch (ret) {
        case  LDB_SUCCESS:
                break;
@@ -2949,7 +2949,7 @@ static NTSTATUS dcesrv_lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALL
        secret_state->secret_dn = talloc_reference(secret_state, msg->dn);
 
        /* create the secret */
-       ret = dsdb_add(secret_state->sam_ldb, msg, DSDB_MODIFY_RELAX);
+       ret = dsdb_add(secret_state->sam_ldb, msg, DSDB_FLAG_AS_SYSTEM);
        if (ret != LDB_SUCCESS) {
                DEBUG(0,("Failed to create secret record %s: %s\n",
                         ldb_dn_get_linearized(msg->dn), 
Unnamed repository; edit this file 'description' to name the repository.