From 73095f8809ffb170ee9a62dbab3eb93964e4c28f Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Sat, 3 Sep 2016 21:58:47 +1200
Subject: [PATCH] dsdb/repl: Permit replication of Windows 2012 R2 schema by
 also ignoring system* attributes

We do not need to know about the attributes that are permitted in a class to convert the
objects from DRS, and never enforce schema restrictions on DRS replicated objects

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
---
 source4/dsdb/repl/replicated_objects.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/source4/dsdb/repl/replicated_objects.c b/source4/dsdb/repl/replicated_objects.c
index 46b0b66..b212064 100644
--- a/source4/dsdb/repl/replicated_objects.c
+++ b/source4/dsdb/repl/replicated_objects.c
@@ -122,8 +122,11 @@ WERROR dsdb_repl_resolve_working_schema(struct ldb_context *ldb,
 	int ret, pass_no;
 	uint32_t ignore_attids[] = {
 			DRSUAPI_ATTID_auxiliaryClass,
+			DRSUAPI_ATTID_systemAuxiliaryClass,
 			DRSUAPI_ATTID_mayContain,
+			DRSUAPI_ATTID_systemMayContain,
 			DRSUAPI_ATTID_mustContain,
+			DRSUAPI_ATTID_systemMustContain,
 			DRSUAPI_ATTID_possSuperiors,
 			DRSUAPI_ATTID_systemPossSuperiors,
 			DRSUAPI_ATTID_INVALID
-- 
2.7.4