trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msg->dn);
/* create the trusted_domain */
- ret = dsdb_add(sam_ldb, msg, DSDB_MODIFY_RELAX);
+ ret = dsdb_add(sam_ldb, msg, DSDB_FLAG_AS_SYSTEM);
switch (ret) {
case LDB_SUCCESS:
break;
secret_state->secret_dn = talloc_reference(secret_state, msg->dn);
/* create the secret */
- ret = dsdb_add(secret_state->sam_ldb, msg, DSDB_MODIFY_RELAX);
+ ret = dsdb_add(secret_state->sam_ldb, msg, DSDB_FLAG_AS_SYSTEM);
if (ret != LDB_SUCCESS) {
DEBUG(0,("Failed to create secret record %s: %s\n",
ldb_dn_get_linearized(msg->dn),