From 704bbae25c07c08c051a66ae0a83fb5abda373f1 Mon Sep 17 00:00:00 2001 From: Gary Lockyer Date: Mon, 27 Nov 2017 11:11:19 +1300 Subject: [PATCH] source4 dsdb: Allow duplicate non local objectSIDs Remove the unique constraint on the objectSID index, and enable the unique_object_sids module. This allows duplicate objectSIDs on foreign security principals, and disallows duplicates for local objectSIDs BUG: https://bugzilla.samba.org/show_bug.cgi?id=13004 Signed-off-by: Gary Lockyer --- selftest/knownfail.d/dsdb | 1 - source4/dsdb/samdb/ldb_modules/samba_dsdb.c | 1 + source4/dsdb/schema/schema_init.c | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-) delete mode 100644 selftest/knownfail.d/dsdb diff --git a/selftest/knownfail.d/dsdb b/selftest/knownfail.d/dsdb deleted file mode 100644 index 276b72d22d3..00000000000 --- a/selftest/knownfail.d/dsdb +++ /dev/null @@ -1 +0,0 @@ -^samba.tests.dsdb.samba.tests.dsdb.DsdbTests.test_duplicate_objectSIDs_allowed_on_foreign_security_principals\( diff --git a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c index 9098b52f816..87d65bd8c2b 100644 --- a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c +++ b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c @@ -295,6 +295,7 @@ static int samba_dsdb_init(struct ldb_module *module) "subtree_delete", "repl_meta_data", "operational", + "unique_object_sids", "subtree_rename", "linked_attributes", NULL}; diff --git a/source4/dsdb/schema/schema_init.c b/source4/dsdb/schema/schema_init.c index c76b57cb4a9..dbd504549d7 100644 --- a/source4/dsdb/schema/schema_init.c +++ b/source4/dsdb/schema/schema_init.c @@ -461,7 +461,7 @@ WERROR dsdb_read_prefixes_from_ldb(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, */ static bool dsdb_schema_unique_attribute(const char *attr) { - const char *attrs[] = { "objectGUID", "objectSid" , NULL }; + const char *attrs[] = { "objectGUID", NULL }; unsigned int i; for (i=0;attrs[i];i++) { if (ldb_attr_cmp(attr, attrs[i]) == 0) { -- 2.11.4.GIT