diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2023-01-25 15:18:47 +1300 |
|---|---|---|
| committer | Jule Anger <janger@samba.org> | 2023-02-01 16:30:11 +0000 |
| commit | dc7497c3a4681c96fdf71e82db1b93e21214cc19 (patch) | |
| tree | 88f255e02936154f7b8be0e3a914154a768ba34c | |
| parent | 29a89f07aa7b167adea921fd583b3b93ae0695f9 (diff) | |
| download | samba-dc7497c3a4681c96fdf71e82db1b93e21214cc19.tar.gz | |
s4-dsdb: Require that the NTDS object is an nTDSDSA objectclass
This should avoid a user being able to specify the GUID of a different
type of object.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit adb776149e5ac0eb346992775610627106e1a986)
| -rw-r--r-- | source4/dsdb/common/util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 55614d2a8cd..55940227106 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -3578,7 +3578,7 @@ int samdb_get_ntds_obj_by_guid(TALLOC_CTX *mem_ctx, LDB_SCOPE_SUBTREE, attrs, DSDB_SEARCH_ONE_ONLY, - "objectGUID=%s", + "(&(objectGUID=%s)(objectClass=nTDSDSA))", guid_str); if (ret != LDB_SUCCESS) { return ret; |