Question about LDB nested requests
Samuel Cabrero
scabrero at zentyal.com
Wed Dec 3 05:11:56 MST 2014
I am working on this bug
https://bugzilla.samba.org/show_bug.cgi?id=10656 and there are
constraints to the set of attributes which can be specified on the add
request in the case the user does not have create child permissions on
the container but has the SeMachineAccount privilege.
I agree it is cleaner, but this constraint applies only in this
specific situation, so adding a control on the top module to cover
this situation isn't too overkill as will be added on all add requests?
On mar, 2014-12-02 at 17:33 +0100, Stefan (metze) Metzmacher wrote:
> Hi Samuel,
>
> > I am trying to retrieve the original attribute set specified in an
> > add
> > request inside a LDB module. This module is below other ones which
> > create nested requests and add extra attributes to it, like the
> > descriptor module.
> >
> > Is this approach correct?
> >
> > /* Retrieve the original add request */
> > orig_req = req;
> > while (orig_req && orig_req->handle && orig_req->handle->parent) {
> > orig_req = orig_req->handle->parent;
> > }
> > if (orig_req == NULL) {
> > return ldb_operr(ldb);
> > }
>
> Why do you want that?
>
> The clean way would be a dsdb specific control that the top module
> (maybe rootdse) would pass down.
>
> metze
>
>
--
Samuel Cabrero - Developer
scabrero at zentyal.com
Zentyal - Active Exchange
www.zentyal.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20141203/c180ca65/attachment.pgp>
More information about the samba-technical
mailing list