From f544f21e9b411b331eaa6a4c63fa9aa1f82af613 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Thu, 11 Sep 2014 13:08:06 +0200 Subject: idviews: Change format of IPA anchor to include domain --- ipalib/plugins/idviews.py | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/ipalib/plugins/idviews.py b/ipalib/plugins/idviews.py index c7efc3fbd..4813e070d 100644 --- a/ipalib/plugins/idviews.py +++ b/ipalib/plugins/idviews.py @@ -419,7 +419,13 @@ class baseidoverride(LDAPObject): try: entry = self.backend.get_entry(api.Object[obj_type].get_dn(obj), attrs_list=['ipaUniqueID']) - return IPA_ANCHOR_PREFIX + entry.single_value.get('ipaUniqueID') + + # The domain prefix, this will need to be reworked once we + # introduce IPA-IPA trusts + domain = api.env.domain + ':' + uuid = entry.single_value.get('ipaUniqueID') + + return IPA_ANCHOR_PREFIX + domain + uuid except errors.NotFound: pass @@ -428,6 +434,9 @@ class baseidoverride(LDAPObject): domain_validator = ipaserver.dcerpc.DomainValidator(api) if domain_validator.is_configured(): sid = domain_validator.get_trusted_domain_object_sid(obj) + + # There is no domain prefix since SID contains information + # about the domain return SID_ANCHOR_PREFIX + sid def resolve_anchor_to_object_name(self, anchor): @@ -435,7 +444,10 @@ class baseidoverride(LDAPObject): # Prepare search parameters accounts_dn = DN(api.env.container_accounts, api.env.basedn) - uuid = anchor.split(IPA_ANCHOR_PREFIX)[1].strip() + + # Anchor of the form :IPA:: + # Strip the IPA prefix and the domain prefix + uuid = anchor.split(':')[-1].strip() objectclass, name_attr = ( ('posixaccount', 'uid') -- cgit