}
if (W_ERROR_EQUAL(status, WERR_TOO_MANY_SECRETS)) {
WERROR get_name_status = dsdb_attribute_drsuapi_to_ldb(ldb, schema, pfm_remote,
- a, msg->elements, e);
+ a, msg->elements, e, NULL);
if (W_ERROR_IS_OK(get_name_status)) {
DEBUG(0, ("Unxpectedly got secret value %s on %s from DRS server\n",
e->name, ldb_dn_get_linearized(msg->dn)));
return status;
}
+ /*
+ * This function also fills in the local attid value,
+ * based on comparing the remote and local prefixMap
+ * tables. If we don't convert the value, then we can
+ * have invalid values in the replPropertyMetaData we
+ * store on disk, as the prefixMap is per host, not
+ * per-domain. This may be why Microsoft added the
+ * msDS-IntID feature, however this is not used for
+ * extra attributes in the schema partition itself.
+ */
status = dsdb_attribute_drsuapi_to_ldb(ldb, schema, pfm_remote,
- a, msg->elements, e);
+ a, msg->elements, e,
+ &m->attid);
W_ERROR_NOT_OK_RETURN(status);
- m->attid = a->attid;
m->version = d->version;
m->originating_change_time = d->originating_change_time;
m->originating_invocation_id = d->originating_invocation_id;
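Review bot: Replacing `m->attid = a->attid` with the value written through `&m->attid` only corrects metadata for objects replicated after this change. Going by the added comment, replPropertyMetaData already stored on disk may hold attids taken from a remote prefixMap, and nothing in the visible hunks detects or repairs those entries. I would record that in the comment, for example `Entries written before this fix may still carry a remote attid.`, and confirm that a consistency check covers them. The enclosing function starts and ends outside this hunk, so any handling elsewhere in it is not visible here.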
e = &msg->elements[i];
status = dsdb_attribute_drsuapi_to_ldb(ldb, schema, schema->prefixmap,
- a, msg->elements, e);
+ a, msg->elements, e, NULL);
W_ERROR_NOT_OK_RETURN(status);
}
const struct dsdb_schema_prefixmap *pfm_remote,
const struct drsuapi_DsReplicaAttribute *in,
TALLOC_CTX *mem_ctx,
- struct ldb_message_element *out)
+ struct ldb_message_element *out,
+ enum drsuapi_DsAttributeId *local_attid_as_enum)
{
const struct dsdb_attribute *sa;
struct dsdb_syntax_ctx syntax_ctx;
return WERR_DS_ATT_NOT_DEF_IN_SCHEMA;
}
+ /*
+ * We return the same class of attid as we were given. That
+ * is, we trust the remote server not to use an
+ * msDS-IntId value in the schema partition
+ */
+ if (local_attid_as_enum != NULL) {
+ *local_attid_as_enum = (enum drsuapi_DsAttributeId)attid_local;
+ }
+
return sa->syntax->drsuapi_to_ldb(&syntax_ctx, sa, in, mem_ctx, out);
}
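Review bot: The new comment records a trust assumption about the remote DRS server that the visible lines do not enforce: `attid_local` is cast to `enum drsuapi_DsAttributeId` and handed back without any check on which class of attid it is. How `attid_local` is derived lies outside the hunk, so this may already be constrained there. If it is not, then logging or rejecting an msDS-IntId-class value when the caller is processing the schema partition would turn the assumption into a check, because the caller in the first hunk stores the result in replPropertyMetaData. Separately, `*local_attid_as_enum` is assigned before `sa->syntax->drsuapi_to_ldb()` runs, so the caller's variable is modified even when the function returns an error. The function's header comment should document the new parameter, for example `local_attid_as_enum: optional (may be NULL); receives the local attid, and is written even if the syntax conversion fails`.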