From: Jo Sutton <josutton@catalyst.net.nz>
Date: Mon, 12 Feb 2024 22:25:33 +0000 (+1300)
Subject: s4:dsdb: Add dsdb control indicating that gMSA passwords are to be updated
X-Git-Tag: tdb-1.4.11~1726
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=424882452fcea14ae2f48d5449b5f991f3dc5ee8;p=thirdparty%2Fsamba.git

s4:dsdb: Add dsdb control indicating that gMSA passwords are to be updated

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/dsdb/samdb/samdb.h b/source4/dsdb/samdb/samdb.h
index ba7cd1b5b48..5c87c07a0a1 100644
--- a/source4/dsdb/samdb/samdb.h
+++ b/source4/dsdb/samdb/samdb.h
@@ -248,6 +248,13 @@ struct dsdb_control_calculated_default_sd {
 
 #define DSDB_CONTROL_ACL_READ_OID "1.3.6.1.4.1.7165.4.3.37"
 
+/*
+ * Used by the operational module to indicate to the LDAP server that the keys
+ * and Managed Password ID of a Group Managed Service Account are to be updated.
+ */
+#define DSDB_CONTROL_GMSA_UPDATE_OID "1.3.6.1.4.1.7165.4.3.38"
+/* struct gmsa_update */
+
 #define DSDB_EXTENDED_REPLICATED_OBJECTS_OID "1.3.6.1.4.1.7165.4.4.1"
 struct dsdb_extended_replicated_object {
 	struct ldb_message *msg;
diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index 6ba1b1274b0..b166cc797c0 100644
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -235,6 +235,7 @@
 #Allocated: DSDB_CONTROL_FORCE_ALLOW_VALIDATED_DNS_HOSTNAME_SPN_WRITE_OID 1.3.6.1.4.1.7165.4.3.35
 #Allocated: DSDB_CONTROL_CALCULATED_DEFAULT_SD_OID 1.3.6.1.4.1.7165.4.3.36
 #Allocated: DSDB_CONTROL_ACL_READ_OID 1.3.6.1.4.1.7165.4.3.37
+#Allocated: DSDB_CONTROL_GMSA_UPDATE_OID 1.3.6.1.4.1.7165.4.3.38
 
 
 # Extended 1.3.6.1.4.1.7165.4.4.x