git.samba.org / kai / samba.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
s4:dsdb/acl: fix search filter cleanup for password attributes
[kai/samba.git] / source4 / dsdb / samdb / ldb_modules / acl.c
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c
index 843d17e5d1410b7a2b14109bcefd224c4ca9bdb9..05926fb01b387d5582c479b46ec82b8554f509bc 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -1499,7 +1499,7 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req)
        /* replace any attributes in the parse tree that are private,
           so we don't allow a search for 'userPassword=penguin',
           just as we would not allow that attribute to be returned */
-       if (ac->am_system) {
+       if (!ac->am_system) {
                /* FIXME: We should copy the tree and keep the original unmodified. */
                /* remove password attributes */
                if (data && data->password_attrs) {
Kai's WIP code