fixed DRS rename of deleted objects

The objectclass module checks that the target parent exists, and
refuses renames if it doesn't exist. For this to work for deleted
objects we have to do the search in the objectclass module with the
"show deleted" control enabled.

diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 4f013709b22234747190dcc046483f753c3f6e1b..eb35ad052ebbc6e166cff0d30d2991a66e7dd1f3 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -997,6 +997,7 @@ static int objectclass_rename(struct ldb_module *module, struct ldb_request *req
        struct oc_context *ac;
        struct ldb_dn *parent_dn;
        int ret;
+       struct ldb_control **ctrl;
 
        ldb = ldb_module_get_ctx(module);
 
@@ -1025,12 +1026,30 @@ static int objectclass_rename(struct ldb_module *module, struct ldb_request *req
                return LDB_ERR_OPERATIONS_ERROR;
        }
 
+       /* we have to add the show deleted control, as otherwise DRS
+          deletes will be refused as we will think the target parent
+          does not exist */
+       ctrl = talloc_array(req, struct ldb_control, 2);
+       if (!ctrl) {
+               ldb_oom(ldb);
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
+       ctrl[0] = talloc(ctrl, struct ldb_control);
+       if (!ctrl[0]) {
+               ldb_oom(ldb);
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
+       ctrl[0]->oid = LDB_CONTROL_SHOW_DELETED_OID;
+       ctrl[0]->critical = 0;
+       ctrl[0]->data = NULL;
+       ctrl[1] = NULL;
+
        /* note that the results of this search are kept and used to
           update the parentGUID in objectclass_rename_callback() */
        ret = ldb_build_search_req(&search_req, ldb,
                                   ac, parent_dn, LDB_SCOPE_BASE,
                                   "(objectClass=*)",
-                                  attrs, NULL, 
+                                  attrs, ctrl, 
                                   ac, get_search_callback,
                                   req);
        if (ret != LDB_SUCCESS) {