s4:dsdb Don't allow creating of new objects with an isDefunct schema class
authorAndrew Bartlett <abartlet@samba.org>
Fri, 25 Sep 2009 15:34:33 +0000 (08:34 -0700)
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Fri, 2 Oct 2009 10:45:07 +0000 (12:45 +0200)
source4/dsdb/samdb/ldb_modules/objectclass.c

index ad14acbcf877ddc6dfc4f5ea7a947f7d30db0a47..cc88d6b96d0d6ac16c1807f5efaa3ecd1b7111d0 100644 (file)
@@ -138,7 +138,13 @@ static int objectclass_sort(struct ldb_module *module,
                if (!current->objectclass) {
                        ldb_asprintf_errstring(ldb, "objectclass %.*s is not a valid objectClass in schema", 
                                               (int)objectclass_element->values[i].length, (const char *)objectclass_element->values[i].data);
                if (!current->objectclass) {
                        ldb_asprintf_errstring(ldb, "objectclass %.*s is not a valid objectClass in schema", 
                                               (int)objectclass_element->values[i].length, (const char *)objectclass_element->values[i].data);
-                       return LDB_ERR_OBJECT_CLASS_VIOLATION;
+                       /* This looks weird, but windows apparently returns this for invalid objectClass values */
+                       return LDB_ERR_NO_SUCH_ATTRIBUTE;
+               } else if (current->objectclass->isDefunct) {
+                       ldb_asprintf_errstring(ldb, "objectclass %.*s marked as isDefunct objectClass in schema - not valid for new objects", 
+                                              (int)objectclass_element->values[i].length, (const char *)objectclass_element->values[i].data);
+                       /* This looks weird, but windows apparently returns this for invalid objectClass values */
+                       return LDB_ERR_NO_SUCH_ATTRIBUTE;
                }
 
                /* this is the root of the tree.  We will start
                }
 
                /* this is the root of the tree.  We will start