gpo: remove unreached non-DC branch in gp_sec_ext.apply_map()

We don't get this far if we are not a DC, and if somehow we do the
errors will be no more informative due to this special case.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>

diff --git a/python/samba/gp_sec_ext.py b/python/samba/gp_sec_ext.py
index 256a39eab15ce6bbb407e8e594d22ad1cb975f17..55f71b745658e74546624248905d483c2b48c59b 100644 (file)
--- a/python/samba/gp_sec_ext.py
+++ b/python/samba/gp_sec_ext.py
@@ -136,8 +136,6 @@ class gp_sec_ext(gp_inf_ext):
         return "Security GPO extension"
 
     def apply_map(self):
-        if self.lp.get('server role') != 'active directory domain controller':
-            return {}
         return {"System Access": {"MinimumPasswordAge": ("minPwdAge",
                                                          inf_to_ldb),
                                   "MaximumPasswordAge": ("maxPwdAge",