From: Andrew Tridgell Date: Fri, 20 Nov 2009 03:19:18 +0000 (+1100) Subject: s4-dsdb: removed attributes that should not be displayed by default X-Git-Tag: tdb-1.2.0~8 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f3f0c8e2ce9fe315848d15eeb289eae9fb525a3a;p=thirdparty%2Fsamba.git s4-dsdb: removed attributes that should not be displayed by default Some attributes (like ntSecurityDescriptor) are stored in our db, but should only be displayed if asked for. This also applied to parentGUID from old installs, which is now generated. --- diff --git a/source4/dsdb/samdb/ldb_modules/operational.c b/source4/dsdb/samdb/ldb_modules/operational.c index ccfddbe56ed..23d1a9fe7f6 100644 --- a/source4/dsdb/samdb/ldb_modules/operational.c +++ b/source4/dsdb/samdb/ldb_modules/operational.c @@ -170,6 +170,25 @@ static const struct { { "parentGUID", NULL, construct_parent_guid } }; + +enum op_remove { + OPERATIONAL_REMOVE_ALWAYS, /* remove always */ + OPERATIONAL_REMOVE_UNASKED /* remove if not requested */ +}; + +/* + a list of attributes that may need to be removed from the + underlying db return +*/ +static const struct { + const char *attr; + enum op_remove op; +} operational_remove[] = { + { "ntSecurityDescriptor", OPERATIONAL_REMOVE_UNASKED }, + { "parentGUID", OPERATIONAL_REMOVE_ALWAYS } +}; + + /* post process a search result record. For any search_sub[] attributes that were asked for, we need to call the appropriate copy routine to copy the result @@ -185,6 +204,24 @@ static int operational_search_post_process(struct ldb_module *module, ldb = ldb_module_get_ctx(module); + /* removed any attrs that should not be shown to the user */ + for (i=0; i