summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLukas Slebodnik <lslebodn@redhat.com>2015-04-28 20:26:47 +0200
committerJakub Hrozek <jhrozek@redhat.com>2015-05-25 09:15:28 +0200
commit36b1d6f3eb22f754eafa35cde60a7a3d1f1c5d32 (patch)
treea8dc9e23a39b549e501d524fad9e383097ff555c
parent9db6a8a3ff686c56c2a269ff2fb12ddb7ae390da (diff)
downloadsssd-36b1d6f3eb22f754eafa35cde60a7a3d1f1c5d32.tar.gz
sssd-36b1d6f3eb22f754eafa35cde60a7a3d1f1c5d32.tar.xz
sssd-36b1d6f3eb22f754eafa35cde60a7a3d1f1c5d32.zip
SDAP: Fix id mapping with disabled subdomains
If subdomains are disabled "subdomain_provider = none" then auto-discovery discovery of domain SID is disabled. It is possible to configure options ldap_idmap_default_domain{,_sid} and id mapping should work. However value of option ldap_idmap_default_domain_sid was not assigned to sss_domain_info for main domain. It was only used for initialisation of sdap_idmap_ctx. As a result of this bug posix attributes were used in ldap filter and id mapping worked just for users with posix attributes. [be_get_account_info] (0x0100): Got request for [0x1001][1][name=user] [be_req_set_domain] (0x0400): Changing request domain from [EXAMPLE.TEST] to [EXAMPLE.TEST] [sdap_idmap_domain_has_algorithmic_mapping] (0x0080): Could not parse domain SID from [(null)] [sdap_idmap_domain_has_algorithmic_mapping] (0x0080): Could not parse domain SID from [(null)] [sdap_search_user_next_base] (0x0400): Searching for users with base [DC=EXAMPLE,DC=TEST] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(sAMAccountName=hdpadmin)(objectclass=user) (sAMAccountName=*)(&(uidNumber=*)(!(uidNumber=0))))] [DC=EXAMPLE,DC=TEST]. [sdap_search_user_process] (0x0400): Search for users, returned 0 results. [sdap_get_users_done] (0x0040): Failed to retrieve users Resolves: https://fedorahosted.org/sssd/ticket/2635 Reviewed-by: Pavel Březina <pbrezina@redhat.com> (cherry picked from commit 21687d1d553579e81aa43bfa20f2e70fb39e8461) (cherry picked from commit 2bf32678c96304d04e69813fd6d317d981ad2c41)
-rw-r--r--src/providers/ldap/sdap_idmap.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_idmap.c b/src/providers/ldap/sdap_idmap.c
index 0a82e61f7..dd959b2c1 100644
--- a/src/providers/ldap/sdap_idmap.c
+++ b/src/providers/ldap/sdap_idmap.c
@@ -288,6 +288,13 @@ sdap_idmap_init(TALLOC_CTX *mem_ctx,
sid_str = dp_opt_get_string(idmap_ctx->id_ctx->opts->basic, SDAP_IDMAP_DEFAULT_DOMAIN_SID);
if (sid_str) {
+ struct sss_domain_info *domain = idmap_ctx->id_ctx->be->domain;
+ domain->domain_id = talloc_strdup(domain, sid_str);
+ if (domain->domain_id == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+
/* Set the default domain as slice 0 */
ret = sdap_idmap_add_domain(idmap_ctx, dom_name,
sid_str, 0);