s4:ldap_server: Consider ldapi connections to be encrypted

Modifications to unicodePwd require an encrypted connection. This change
allows unicodePwd to be modified over an ldapi connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15634

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
index 663ab91a7e1ba96a9929da8d330a9a8d9bc68ef9..746dafbb19c5822f6cf983539362712c23cf9684 100644 (file)
--- a/source4/ldap_server/ldap_backend.c
+++ b/source4/ldap_server/ldap_backend.c
@@ -212,7 +212,7 @@ int ldapsrv_backend_Init(struct ldapsrv_connection *conn,
        if (opaque_connection_state == NULL) {
                return LDB_ERR_OPERATIONS_ERROR;
        }
-       opaque_connection_state->using_encrypted_connection = using_tls || using_seal;
+       opaque_connection_state->using_encrypted_connection = using_tls || using_seal || conn->is_ldapi;
        ret = ldb_set_opaque(conn->ldb,
                             DSDB_OPAQUE_ENCRYPTED_CONNECTION_STATE_NAME,
                             opaque_connection_state);