s4:ldap_server: Consider ldapi connections to be encrypted

Modifications to unicodePwd require an encrypted connection. This change
allows unicodePwd to be modified over an ldapi connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15634

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit ff8e98daf1c3fd99d4d880ddc2d47eeb0d99718c)

diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
index 1a906534a0ae2675b923662a19b6be025e0cf83b..b0369f8119aa02768f55cd9c39b9c367f6b77ce7 100644 (file)
--- a/source4/ldap_server/ldap_backend.c
+++ b/source4/ldap_server/ldap_backend.c
@@ -212,7 +212,7 @@ int ldapsrv_backend_Init(struct ldapsrv_connection *conn,
        if (opaque_connection_state == NULL) {
                return LDB_ERR_OPERATIONS_ERROR;
        }
-       opaque_connection_state->using_encrypted_connection = using_tls || using_seal;
+       opaque_connection_state->using_encrypted_connection = using_tls || using_seal || conn->is_ldapi;
        ret = ldb_set_opaque(conn->ldb,
                             DSDB_OPAQUE_ENCRYPTED_CONNECTION_STATE_NAME,
                             opaque_connection_state);