s4:acl LDB module - define the delete passwords special case a bit better

author Matthias Dieter Wallnöfer <mdw@samba.org>

Sun, 7 Nov 2010 21:37:39 +0000 (22:37 +0100)

committer Matthias Dieter Wallnöfer <mdw@samba.org>

Mon, 8 Nov 2010 11:27:03 +0000 (11:27 +0000)
author Matthias Dieter Wallnöfer <mdw@samba.org>
Sun, 7 Nov 2010 21:37:39 +0000 (22:37 +0100)
committer Matthias Dieter Wallnöfer <mdw@samba.org>
Mon, 8 Nov 2010 11:27:03 +0000 (11:27 +0000)
diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c

index 0a7f431c37d5bbd27e973d679e1cac377689739e..3cf768e5221ec94606cc198ba97d3594fcfe5a96 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/acl.c
+++ b/source4/dsdb/samdb/ldb_modules/acl.c
@@ -570,9 +570,10 @@ static int acl_check_password_rights(TALLOC_CTX *mem_ctx,
                         ldb_msg_remove_element(msg, el);
                 }
         }
-       /* a single delete will be handled by password hash
-          later in the stack, so we let it though here */
-       if (del_attr_cnt > 0 && add_attr_cnt == 0) {
+
+       /* single deletes will be handled by the "password_hash" LDB module
+        * later in the stack, so we let it though here */
+       if ((del_attr_cnt > 0) && (add_attr_cnt == 0) && (rep_attr_cnt == 0)) {
                 talloc_free(tmp_ctx);
                 return LDB_SUCCESS;
         }
author	Matthias Dieter Wallnöfer <mdw@samba.org>
	Sun, 7 Nov 2010 21:37:39 +0000 (22:37 +0100)
committer	Matthias Dieter Wallnöfer <mdw@samba.org>
	Mon, 8 Nov 2010 11:27:03 +0000 (11:27 +0000)