diff options
author | Andrew Bartlett <abartlet@samba.org> | 2023-01-25 15:18:47 +1300 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2023-02-03 09:35:08 +0000 |
commit | fba94e5d50433e8869e72d0ae2bb68fa2abab03e (patch) | |
tree | cfa4c594acf0a7b9dd8b9ada1fbc492cb03eb121 | |
parent | bcb89bd81d4e51fbd06e205816e0b891dc0c1889 (diff) | |
download | samba-fba94e5d50433e8869e72d0ae2bb68fa2abab03e.tar.gz |
s4-dsdb: Require that the NTDS object is an nTDSDSA objectclass
This should avoid a user being able to specify the GUID of a different
type of object.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit adb776149e5ac0eb346992775610627106e1a986)
-rw-r--r-- | source4/dsdb/common/util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 43fa670006d..a30ae662c1e 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -3578,7 +3578,7 @@ int samdb_get_ntds_obj_by_guid(TALLOC_CTX *mem_ctx, LDB_SCOPE_SUBTREE, attrs, DSDB_SEARCH_ONE_ONLY, - "objectGUID=%s", + "(&(objectGUID=%s)(objectClass=nTDSDSA))", guid_str); if (ret != LDB_SUCCESS) { return ret; |