* only on application NCs - not on the standard DCs */
if (oc_changes &&
(dsdb_forest_functional_level(ldb) < DS_DOMAIN_FUNCTION_2003)) {
- int cnt = samdb_search_count(ldb, ac,
- ldb_get_default_basedn(ldb),
- "(distinguishedName=%s)",
- ldb_dn_get_linearized(req->op.mod.message->dn));
- if (cnt == 0) {
- cnt = samdb_search_count(ldb, ac,
- ldb_get_config_basedn(ldb),
- "(distinguishedName=%s)",
- ldb_dn_get_linearized(req->op.mod.message->dn));
- }
- if (cnt == 0) {
- cnt = samdb_search_count(ldb, ac,
- ldb_get_schema_basedn(ldb),
- "(distinguishedName=%s)",
- ldb_dn_get_linearized(req->op.mod.message->dn));
+ struct ldb_dn *nc_root;
+
+ ret = dsdb_find_nc_root(ldb, ac, req->op.mod.message->dn,
+ &nc_root);
+ if (ret != LDB_SUCCESS) {
+ return ret;
}
- if (cnt != 0) {
+
+ if ((ldb_dn_compare(nc_root, ldb_get_default_basedn(ldb)) == 0) ||
+ (ldb_dn_compare(nc_root, ldb_get_config_basedn(ldb)) == 0) ||
+ (ldb_dn_compare(nc_root, ldb_get_schema_basedn(ldb)) == 0)) {
+ ldb_set_errstring(ldb,
+ "objectclass: object class changes on objects under the standard name contexts not allowed!");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
+
+ talloc_free(nc_root);
}
ret = ldb_build_mod_req(&down_req, ldb, ac,
ldb_debug(ldb, LDB_DEBUG_TRACE, "objectclass_rename\n");
/* do not manipulate our control entries */
- if (ldb_dn_is_special(req->op.rename.newdn)) {
+ if (ldb_dn_is_special(req->op.rename.olddn)) {
return ldb_next_request(module, req);
}
git.samba.org / samba.git / blobdiff