static int descriptor_modify(struct ldb_module *module, struct ldb_request *req)
{
struct ldb_context *ldb;
- struct ldb_control *sd_recalculate_control, *sd_flags_control;
+ struct ldb_control *sd_recalculate_control, *sd_flags_control, *show_deleted_control;
struct ldb_request *mod_req;
struct ldb_message *msg;
struct ldb_result *current_res, *parent_res;
struct ldb_dn *parent_dn, *dn;
struct ldb_message_element *objectclass_element;
int ret;
- uint32_t instanceType, sd_flags = 0;
+ uint32_t instanceType, sd_flags = 0, flags;
const struct dsdb_schema *schema;
DATA_BLOB *sd;
const struct dsdb_class *objectclass;
user_sd = ldb_msg_find_ldb_val(req->op.mod.message, "nTSecurityDescriptor");
/* This control forces the recalculation of the SD also when
* no modification is performed. */
+ show_deleted_control = ldb_request_get_control(req,
+ LDB_CONTROL_SHOW_DELETED_OID);
sd_recalculate_control = ldb_request_get_control(req,
LDB_CONTROL_RECALCULATE_SD_OID);
if (!user_sd && !sd_recalculate_control) {
if (ldb_dn_is_special(dn)) {
return ldb_next_request(module, req);
}
-
+ flags = DSDB_FLAG_NEXT_MODULE;
+ if (show_deleted_control) {
+ flags |= DSDB_SEARCH_SHOW_DELETED;
+ }
ret = dsdb_module_search_dn(module, req, ¤t_res, dn,
current_attrs,
- DSDB_FLAG_NEXT_MODULE,
+ flags,
req);
if (ret != LDB_SUCCESS) {
ldb_debug(ldb, LDB_DEBUG_ERROR,"descriptor_modify: Could not find %s\n",