diff options
| author | Sumit Bose <sbose@redhat.com> | 2013-12-09 12:17:43 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-12-19 17:34:01 +0100 |
| commit | 022456e93c9b175ce3774afe524e3926f41ba80f (patch) | |
| tree | f8c492b1b4f4ff5becd916f20360fbceab192aac | |
| parent | b17b51c2779906bf3a5e4aecbb9ef8bfbfc2ebab (diff) | |
| download | sssd-022456e93c9b175ce3774afe524e3926f41ba80f.tar.gz sssd-022456e93c9b175ce3774afe524e3926f41ba80f.tar.xz sssd-022456e93c9b175ce3774afe524e3926f41ba80f.zip | |
Add new option ldap_group_type
| -rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ad.conf | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ldap.conf | 1 | ||||
| -rw-r--r-- | src/db/sysdb.h | 1 | ||||
| -rw-r--r-- | src/man/sssd-ldap.5.xml | 21 | ||||
| -rw-r--r-- | src/providers/ad/ad_opts.h | 1 | ||||
| -rw-r--r-- | src/providers/ipa/ipa_opts.h | 1 | ||||
| -rw-r--r-- | src/providers/ldap/ldap_opts.h | 3 | ||||
| -rw-r--r-- | src/providers/ldap/sdap.h | 1 |
10 files changed, 32 insertions, 0 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index af5903c65..8563a91e7 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -284,6 +284,7 @@ option_strings = { 'ldap_group_uuid' : _('Group UUID attribute'), 'ldap_group_objectsid' : _("objectSID attribute"), 'ldap_group_modify_timestamp' : _('Modification time attribute for groups'), + 'ldap_group_type' : _('Type of the group and other flags'), #replaced by ldap_entry_usn# 'ldap_group_entry_usn' : _('entryUSN attribute'), 'ldap_group_nesting_level' : _('Maximum nesting level SSSd will follow'), diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf index 9f606f6c4..cea28a18c 100644 --- a/src/config/etc/sssd.api.d/sssd-ad.conf +++ b/src/config/etc/sssd.api.d/sssd-ad.conf @@ -90,6 +90,7 @@ ldap_group_uuid = str, None, false ldap_group_objectsid = str, None, false ldap_group_modify_timestamp = str, None, false ldap_group_entry_usn = str, None, false +ldap_group_type = int, None, false ldap_force_upper_case_realm = bool, None, false ldap_group_nesting_level = int, None, false ldap_netgroup_search_base = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index 72b36c0b5..9259d9979 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -98,6 +98,7 @@ ldap_group_uuid = str, None, false ldap_group_objectsid = str, None, false ldap_group_modify_timestamp = str, None, false ldap_group_entry_usn = str, None, false +ldap_group_type = int, None, false ldap_force_upper_case_realm = bool, None, false ldap_group_nesting_level = int, None, false ldap_netgroup_search_base = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index 441390b0c..257e859df 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -93,6 +93,7 @@ ldap_group_uuid = str, None, false ldap_group_objectsid = str, None, false ldap_group_modify_timestamp = str, None, false ldap_group_entry_usn = str, None, false +ldap_group_type = int, None, false ldap_group_nesting_level = int, None, false ldap_force_upper_case_realm = bool, None, false ldap_netgroup_search_base = str, None, false diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 2230f2c4b..ec7b72c97 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -76,6 +76,7 @@ #define SYSDB_POSIX "isPosix" #define SYSDB_USER_CATEGORY "userCategory" #define SYSDB_HOST_CATEGORY "hostCategory" +#define SYSDB_GROUP_TYPE "groupType" #define SYSDB_GECOS "gecos" #define SYSDB_LAST_LOGIN "lastLogin" diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index 72586fb1d..9e572836d 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -849,6 +849,27 @@ </varlistentry> <varlistentry> + <term>ldap_group_type (integer)</term> + <listitem> + <para> + The LDAP attribute that contains an integer value + indicating the type of the group and maybe other + flags. + </para> + <para> + This attribute is currently only used by the AD + provider to determine if a group is a domain local + groups and has to be filtered out for trusted + domains. + </para> + <para> + Default: groupType in the AD provider, othewise not + set + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>ldap_group_nesting_level (integer)</term> <listitem> <para> diff --git a/src/providers/ad/ad_opts.h b/src/providers/ad/ad_opts.h index 9055b4516..75c261314 100644 --- a/src/providers/ad/ad_opts.h +++ b/src/providers/ad/ad_opts.h @@ -209,6 +209,7 @@ struct sdap_attr_map ad_2008r2_group_map[] = { { "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL }, { "ldap_group_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL }, { "ldap_group_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL }, + { "ldap_group_type", "groupType", SYSDB_GROUP_TYPE, NULL }, SDAP_ATTR_MAP_TERMINATOR }; diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h index b3eef456c..bf9f3bc42 100644 --- a/src/providers/ipa/ipa_opts.h +++ b/src/providers/ipa/ipa_opts.h @@ -210,6 +210,7 @@ struct sdap_attr_map ipa_group_map[] = { { "ldap_group_objectsid", "ipaNTSecurityIdentifier", SYSDB_SID_STR, NULL }, { "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL }, { "ldap_group_entry_usn", NULL, SYSDB_USN, NULL }, + { "ldap_group_type", NULL, SYSDB_GROUP_TYPE, NULL }, SDAP_ATTR_MAP_TERMINATOR }; diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h index d6a2fc501..26a69a0a6 100644 --- a/src/providers/ldap/ldap_opts.h +++ b/src/providers/ldap/ldap_opts.h @@ -188,6 +188,7 @@ struct sdap_attr_map rfc2307_group_map[] = { { "ldap_group_objectsid", NULL, SYSDB_SID, NULL }, { "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL }, { "ldap_group_entry_usn", NULL, SYSDB_USN, NULL }, + { "ldap_group_type", NULL, SYSDB_GROUP_TYPE, NULL }, SDAP_ATTR_MAP_TERMINATOR }; @@ -242,6 +243,7 @@ struct sdap_attr_map rfc2307bis_group_map[] = { { "ldap_group_objectsid", NULL, SYSDB_SID, NULL }, { "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP, NULL }, { "ldap_group_entry_usn", NULL, SYSDB_USN, NULL }, + { "ldap_group_type", NULL, SYSDB_GROUP_TYPE, NULL }, SDAP_ATTR_MAP_TERMINATOR }; @@ -294,6 +296,7 @@ struct sdap_attr_map gen_ad2008r2_group_map[] = { { "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL }, { "ldap_group_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL }, { "ldap_group_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL }, + { "ldap_group_type", NULL, SYSDB_GROUP_TYPE, NULL }, SDAP_ATTR_MAP_TERMINATOR }; diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h index b8b5125ed..59b181c72 100644 --- a/src/providers/ldap/sdap.h +++ b/src/providers/ldap/sdap.h @@ -289,6 +289,7 @@ enum sdap_group_attrs { SDAP_AT_GROUP_OBJECTSID, SDAP_AT_GROUP_MODSTAMP, SDAP_AT_GROUP_USN, + SDAP_AT_GROUP_TYPE, SDAP_OPTS_GROUP /* attrs counter */ }; |