ipaserver/dcerpc.py: be more open to what domains can be seen through the forest trust

https://fedorahosted.org/freeipa/ticket/4463 Reviewed-By: Sumit Bose <sbose@redhat.com>
author: Alexander Bokovoy <abokovoy@redhat.com> 2014-08-19 16:23:58 +0300
committer: Martin Kosek <mkosek@redhat.com> 2014-09-01 08:42:52 +0200
commit: d16b471ceaa59fceed3235c36536f6811bd5de8c (patch)
tree: f7f08c0af1808048b77ca298e0395646744c3843
parent: 1fd3a238848bd2aa7bd946d3148637a5abbf7891 (diff)
download: freeipa-d16b471ceaa59fceed3235c36536f6811bd5de8c.tar.gz
freeipa-d16b471ceaa59fceed3235c36536f6811bd5de8c.tar.xz
freeipa-d16b471ceaa59fceed3235c36536f6811bd5de8c.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index 4abc42f38..51b314f94 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -1039,7 +1039,7 @@ def fetch_domains(api, mydomain, trustdomain, creds=None):
 
     result = []
     for t in domains.array:
-        if ((t.trust_attributes & trust_attributes['NETR_TRUST_ATTRIBUTE_WITHIN_FOREST']) and
+        if (not (t.trust_flags & trust_flags['NETR_TRUST_FLAG_PRIMARY']) and
             (t.trust_flags & trust_flags['NETR_TRUST_FLAG_IN_FOREST'])):
             res = dict()
             res['cn'] = unicode(t.dns_name)
author	Alexander Bokovoy <abokovoy@redhat.com>	2014-08-19 16:23:58 +0300
committer	Martin Kosek <mkosek@redhat.com>	2014-09-01 08:42:52 +0200
commit	d16b471ceaa59fceed3235c36536f6811bd5de8c (patch)
tree	f7f08c0af1808048b77ca298e0395646744c3843
parent	1fd3a238848bd2aa7bd946d3148637a5abbf7891 (diff)
download	freeipa-d16b471ceaa59fceed3235c36536f6811bd5de8c.tar.gz freeipa-d16b471ceaa59fceed3235c36536f6811bd5de8c.tar.xz freeipa-d16b471ceaa59fceed3235c36536f6811bd5de8c.zip