mirror of
https://github.com/samba-team/samba.git
synced 2025-01-08 21:18:16 +03:00
295bf73e9b
A 2003 AD DB with functional level set to >= 2008 was non-functional due to the PSO checks. We already check the functional level is >= 2008 before checking for the PSO container. However, users could change their functional level without ensuring their DB conforms to the corresponding base schema. The objectclass DSDB module should prevent the PSO container from ever being deleted. So the only way we should be able to hit this case is through upgrading the functional level (but not the underlying schema objects). If so, log a low-priority message and continue without errors. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14008 RN: Previously, AD operations such as user authentication could fail completely with the message 'Error 32 determining PSOs in system' logged on the samba server. This problem would only affect a domain that was created using a pre-2008 AD base schema and then had its functional level manually raised to 2008 or greater. This issue has now been resolved. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> |
||
|---|---|---|
| .. | ||
| ldb_modules | ||
| cracknames.c | ||
| samdb_privilege.c | ||
| samdb.c | ||
| samdb.h | ||