s4-dsdb: filter unregistered controls in the rootdse...

Nadezhda Ivanova nivanova at samba.org
Mon Oct 25 11:53:01 MDT 2010

Hi Tridge,
This patch appears to also remove the "apply_access" control, which is used
by the aclread module to determine that the request comes via ldap and
therefore checks should be applied. Currently ldb_req_mark_untrusted is only
used in for ldap://, so I suppose it would be ok to replace the use of the
control with a check for untrusted in aclread as well? Apart from ldap, will
there be other "untrusted"?


More information about the samba-technical mailing list