From 039646b3cb9a5ff244a4fd8928b0edcffaf6255b Mon Sep 17 00:00:00 2001
From: Kamen Mazdrashki <kamenim@samba.org>
Date: Tue, 28 Oct 2014 15:03:59 +0100
Subject: [PATCH] s4-dsdb: Define internal dsdb control to mark Tombstone
 reanimation requests

Tombstone reanimation requries some special handling which is going
to affect several modules. Most notably:
 - a bit different access checks in acl.c
 - restore certain attributes during modify requests in samldb.c

Control added also to schema_samba4.ldif by Andrew Bartlett
hence the "pair programmed with" tag.

Change-Id: Ief4f7dabbbdc2570924fae48c30ac9c531a701f4
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
---
 source4/dsdb/samdb/samdb.h       | 8 ++++++++
 source4/setup/schema_samba4.ldif | 1 +
 2 files changed, 9 insertions(+)

diff --git a/source4/dsdb/samdb/samdb.h b/source4/dsdb/samdb/samdb.h
index 4f57343e057..635ac7039d6 100644
--- a/source4/dsdb/samdb/samdb.h
+++ b/source4/dsdb/samdb/samdb.h
@@ -141,6 +141,14 @@ struct dsdb_control_password_change {
  */
 #define DSDB_CONTROL_PERMIT_INTERDOMAIN_TRUST_UAC_OID "1.3.6.1.4.1.7165.4.3.23"
 
+/*
+ * Internal control to mark requests as being part of Tombstone restoring
+ * procedure - it requires slightly special behavior like:
+ *  - a bit different security checks
+ *  - restoring certain attributes to their default values, etc
+ */
+#define DSDB_CONTROL_RESTORE_TOMBSTONE_OID "1.3.6.1.4.1.7165.4.3.24"
+
 #define DSDB_EXTENDED_REPLICATED_OBJECTS_OID "1.3.6.1.4.1.7165.4.4.1"
 struct dsdb_extended_replicated_object {
 	struct ldb_message *msg;
diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index 22f0bc13d0a..bdcd6252fa6 100644
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -198,6 +198,7 @@
 #Allocated: DSDB_CONTROL_PASSWORD_BYPASS_LAST_SET_OID 1.3.6.1.4.1.7165.4.3.20
 #Allocated: DSDB_CONTROL_SEC_DESC_PROPAGATION_OID 1.3.6.1.4.1.7165.4.3.21
 #Allocated: DSDB_CONTROL_PERMIT_INTERDOMAIN_TRUST_UAC_OID 1.3.6.1.4.1.7165.4.3.23
+#Allocated: DSDB_CONTROL_RESTORE_TOMBSTONE_OID 1.3.6.1.4.1.7165.4.3.24
 
 # Extended 1.3.6.1.4.1.7165.4.4.x
 #Allocated: DSDB_EXTENDED_REPLICATED_OBJECTS_OID 1.3.6.1.4.1.7165.4.4.1
-- 
2.11.4.GIT