s4-samldb: Do not allow deletion of objects with RID < 1000
commit73e5b134cea038abd1245411ab744bfec34e5b49
authorNadezhda Ivanova <nivanova@symas.com>
Mon, 14 Oct 2013 09:38:10 +0000 (14 12:38 +0300)
committerKarolin Seeger <kseeger@samba.org>
Tue, 15 Jul 2014 10:46:14 +0000 (15 12:46 +0200)
tree89e84efae35fb1a85391844c242e94e26cad0f81
parentf4f9a6528155e337ec99c29faa1f3d4786169c91
s4-samldb: Do not allow deletion of objects with RID < 1000

According to [MS-SAMR] 3.1.5.7 Delete Pattern we should not allow deletion
of security objects with RID < 1000. This patch will prevent deletion of
well-known accounts and groups.

Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date(master): Mon Oct 14 13:31:50 CEST 2013 on sn-devel-104

(cherry picked from commit 13a10d43141c29dad61868b451c0c1dca82360de)
python/samba/tests/samba3sam.py
source4/dsdb/samdb/ldb_modules/samldb.c
source4/dsdb/samdb/samdb.h
source4/dsdb/tests/python/sam.py
testdata/samba3/samba3.ldif