aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--libds/common/flags.h3
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c19
2 files changed, 10 insertions, 12 deletions
diff --git a/libds/common/flags.h b/libds/common/flags.h
index 49750241202..96709af118e 100644
--- a/libds/common/flags.h
+++ b/libds/common/flags.h
@@ -64,8 +64,7 @@
UF_NORMAL_ACCOUNT |\
UF_INTERDOMAIN_TRUST_ACCOUNT |\
UF_WORKSTATION_TRUST_ACCOUNT |\
- UF_SERVER_TRUST_ACCOUNT |\
- UF_PARTIAL_SECRETS_ACCOUNT \
+ UF_SERVER_TRUST_ACCOUNT \
)
#define UF_SETTABLE_BITS (\
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 54e2e5e6299..f491a0035c7 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -1746,17 +1746,16 @@ static int samldb_user_account_control_change(struct samldb_ctx *ac)
case UF_WORKSTATION_TRUST_ACCOUNT:
new_is_critical = false;
- break;
-
- case (UF_WORKSTATION_TRUST_ACCOUNT|UF_PARTIAL_SECRETS_ACCOUNT):
- if (!is_computer) {
- ldb_asprintf_errstring(ldb,
- "%08X: samldb: UF_PARTIAL_SECRETS_ACCOUNT "
- "requires objectclass 'computer'!",
- W_ERROR_V(WERR_DS_MACHINE_ACCOUNT_CREATED_PRENT4));
- return LDB_ERR_UNWILLING_TO_PERFORM;
+ if (new_uac & UF_PARTIAL_SECRETS_ACCOUNT) {
+ if (!is_computer) {
+ ldb_asprintf_errstring(ldb,
+ "%08X: samldb: UF_PARTIAL_SECRETS_ACCOUNT "
+ "requires objectclass 'computer'!",
+ W_ERROR_V(WERR_DS_MACHINE_ACCOUNT_CREATED_PRENT4));
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+ new_is_critical = true;
}
- new_is_critical = true;
break;
case UF_SERVER_TRUST_ACCOUNT: