ipasam: use base scope when fetching domain information about own domain

Since we use associatedDomain attribute to store information about UPN suffixes and our own domain, searching subtree is going to return more than one entry. Limit search for own domain by base scope as we only need to fetch our own domain information here, not UPN suffixes. Required for https://fedorahosted.org/freeipa/ticket/2945
author: Alexander Bokovoy <abokovoy@redhat.com> 2013-02-19 13:54:43 +0200
committer: Alexander Bokovoy <abokovoy@redhat.com> 2013-02-19 14:16:19 +0200
commit: 1c68c3edff0507ee78cd1f633e45ae8c3fb9638d (patch)
tree: f9b1a063b33ec541fb7430f1ce53f5600d3636eb /daemons/ipa-sam
parent: 3253a305416c963fcdc2670caa2c22c167ccc0d2 (diff)
download: freeipa-1c68c3edff0507ee78cd1f633e45ae8c3fb9638d.tar.gz
freeipa-1c68c3edff0507ee78cd1f633e45ae8c3fb9638d.tar.xz
freeipa-1c68c3edff0507ee78cd1f633e45ae8c3fb9638d.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/daemons/ipa-sam/ipa_sam.c b/daemons/ipa-sam/ipa_sam.c
index adf482221..0d4a27cf6 100644
--- a/daemons/ipa-sam/ipa_sam.c
+++ b/daemons/ipa-sam/ipa_sam.c
@@ -3479,7 +3479,7 @@ static NTSTATUS ipasam_get_domain_name(struct ldapsam_privates *ldap_state,
 
 	ret = smbldap_search(smbldap_state,
 			     ldap_state->ipasam_privates->base_dn,
-			     LDAP_SCOPE_SUBTREE,
+			     LDAP_SCOPE_BASE,
 			     "objectclass=domainRelatedObject", attr_list, 0,
 			     &result);
 	if (ret != LDAP_SUCCESS) {
author	Alexander Bokovoy <abokovoy@redhat.com>	2013-02-19 13:54:43 +0200
committer	Alexander Bokovoy <abokovoy@redhat.com>	2013-02-19 14:16:19 +0200
commit	1c68c3edff0507ee78cd1f633e45ae8c3fb9638d (patch)
tree	f9b1a063b33ec541fb7430f1ce53f5600d3636eb /daemons/ipa-sam
parent	3253a305416c963fcdc2670caa2c22c167ccc0d2 (diff)
download	freeipa-1c68c3edff0507ee78cd1f633e45ae8c3fb9638d.tar.gz freeipa-1c68c3edff0507ee78cd1f633e45ae8c3fb9638d.tar.xz freeipa-1c68c3edff0507ee78cd1f633e45ae8c3fb9638d.zip