git.samba.org / kai / samba-autobuild / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 49485ab)
dsdb-samldb: Clarify that accounts really do fall back to UF_NORMAL_ACCOUNT if no...
authorAndrew Bartlett <abartlet@samba.org>
Tue, 6 Jan 2015 03:47:36 +0000 (16:47 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 22 Jan 2015 06:50:06 +0000 (07:50 +0100)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10993

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source4/dsdb/samdb/ldb_modules/samldb.c patch | blob | history

diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index f89e6814afee0ff9fc2f15e05ca57ec26c89dd98..c80d5595005c023b742ed4f5831f8a857d1b7741 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -1048,7 +1048,11 @@ static int samldb_objectclass_trigger(struct samldb_ctx *ac)
                        user_account_control = ldb_msg_find_attr_as_uint(ac->msg,
                                                                         "userAccountControl",
                                                                         0);
-                       /* "userAccountControl" = 0 or missing one of the types means "UF_NORMAL_ACCOUNT" */
+                       /*
+                        * "userAccountControl" = 0 or missing one of
+                        * the types means "UF_NORMAL_ACCOUNT".  See
+                        * MS-SAMR 3.1.1.8.10 point 8
+                        */
                        if ((user_account_control & UF_ACCOUNT_TYPE_MASK) == 0) {
                                user_account_control = UF_NORMAL_ACCOUNT | user_account_control;
                                uac_generated = true;
@@ -1871,8 +1875,9 @@ static int samldb_user_account_control_change(struct samldb_ctx *ac)
        new_ufa = new_uac & UF_ACCOUNT_TYPE_MASK;
        if (new_ufa == 0) {
                /*
-                * When there is no account type embedded in "userAccountControl"
-                * fall back to UF_NORMAL_ACCOUNT.
+                * "userAccountControl" = 0 or missing one of the
+                * types means "UF_NORMAL_ACCOUNT".  See MS-SAMR
+                * 3.1.1.8.10 point 8
                 */
                new_ufa = UF_NORMAL_ACCOUNT;
                new_uac |= new_ufa;
Unnamed repository; edit this file 'description' to name the repository.