sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code

s4-drs: allow getncchanges from RODC with WRIT_REP set

Browse Source 
w2k8r2 is setting this bit as a RODC. Instead of refusing the
replication, we now remove the bit from req8, which means other places
in the code that check this bit can stay the same

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Andrew Tridgell 2010-08-17 14:21:07 +10:00
parent 45a2b408ba
commit 21729b63f0
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
source4/rpc_server/drsuapi/getncchanges.c
View File

@ -772,10 +772,10 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
samdb_domain_sid(b_state->sam_ctx));
if (security_level == SECURITY_RO_DOMAIN_CONTROLLER &&
(req8->replica_flags & DRSUAPI_DRS_WRIT_REP)) {
DEBUG(0,(__location__ ": Attempt to do writeable replication by RODC %s\n",
DEBUG(3,(__location__ ": Removing WRIT_REP flag for replication by RODC %s\n",
dom_sid_string(mem_ctx,
dce_call->conn->auth_state.session_info->security_token->user_sid)));
return WERR_DS_DRA_INVALID_PARAMETER;
req8->replica_flags &= ~DRSUAPI_DRS_WRIT_REP;
}