This requires as a pre-requisite that the auth stack is not run twice.
We remove the knownfail introduced in the earlier patch.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
# We currently don't send referrals for LDAP modify of non-replicated attrs
^samba4.ldap.rodc.python\(rodc\).__main__.RodcTests.test_modify_nonreplicated.*
^samba4.ldap.rodc_rwdc.python.*.__main__.RodcRwdcTests.test_change_password_reveal_on_demand_kerberos
-^samba4.ldap.rodc_rwdc.python.*.__main__.RodcRwdcTests.test_change_password_reveal_on_demand_ntlm
struct ldb_message *dom_msg;
struct samr_Password *lm_pwd;
struct samr_Password *nt_pwd;
+ bool am_rodc;
tmp_ctx = talloc_new(mem_ctx);
if (tmp_ctx == NULL) {
}
if (lm_pwd == NULL && nt_pwd == NULL) {
- bool am_rodc;
if (samdb_rodc(auth_context->sam_ctx, &am_rodc) == LDB_SUCCESS && am_rodc) {
/*
* we don't have passwords for this
nt_errstr(nt_status)));
}
+ if (samdb_rodc(auth_context->sam_ctx, &am_rodc) == LDB_SUCCESS && am_rodc) {
+ *authoritative = false;
+ }
+
TALLOC_FREE(tmp_ctx);
return NT_STATUS_WRONG_PASSWORD;
}