diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2015-04-28 20:26:47 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-05-25 09:15:28 +0200 |
commit | 36b1d6f3eb22f754eafa35cde60a7a3d1f1c5d32 (patch) | |
tree | a8dc9e23a39b549e501d524fad9e383097ff555c | |
parent | 9db6a8a3ff686c56c2a269ff2fb12ddb7ae390da (diff) | |
download | sssd-36b1d6f3eb22f754eafa35cde60a7a3d1f1c5d32.tar.gz sssd-36b1d6f3eb22f754eafa35cde60a7a3d1f1c5d32.tar.xz sssd-36b1d6f3eb22f754eafa35cde60a7a3d1f1c5d32.zip |
SDAP: Fix id mapping with disabled subdomains
If subdomains are disabled "subdomain_provider = none"
then auto-discovery discovery of domain SID is disabled.
It is possible to configure options ldap_idmap_default_domain{,_sid}
and id mapping should work.
However value of option ldap_idmap_default_domain_sid was not assigned to
sss_domain_info for main domain. It was only used for initialisation of
sdap_idmap_ctx. As a result of this bug posix attributes were used in
ldap filter and id mapping worked just for users with posix attributes.
[be_get_account_info] (0x0100): Got request for [0x1001][1][name=user]
[be_req_set_domain] (0x0400):
Changing request domain from [EXAMPLE.TEST] to [EXAMPLE.TEST]
[sdap_idmap_domain_has_algorithmic_mapping] (0x0080):
Could not parse domain SID from [(null)]
[sdap_idmap_domain_has_algorithmic_mapping] (0x0080):
Could not parse domain SID from [(null)]
[sdap_search_user_next_base] (0x0400):
Searching for users with base [DC=EXAMPLE,DC=TEST]
[sdap_get_generic_ext_step] (0x0400):
calling ldap_search_ext with
[(&(sAMAccountName=hdpadmin)(objectclass=user)
(sAMAccountName=*)(&(uidNumber=*)(!(uidNumber=0))))]
[DC=EXAMPLE,DC=TEST].
[sdap_search_user_process] (0x0400): Search for users, returned 0 results.
[sdap_get_users_done] (0x0040): Failed to retrieve users
Resolves:
https://fedorahosted.org/sssd/ticket/2635
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit 21687d1d553579e81aa43bfa20f2e70fb39e8461)
(cherry picked from commit 2bf32678c96304d04e69813fd6d317d981ad2c41)
-rw-r--r-- | src/providers/ldap/sdap_idmap.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_idmap.c b/src/providers/ldap/sdap_idmap.c index 0a82e61f7..dd959b2c1 100644 --- a/src/providers/ldap/sdap_idmap.c +++ b/src/providers/ldap/sdap_idmap.c @@ -288,6 +288,13 @@ sdap_idmap_init(TALLOC_CTX *mem_ctx, sid_str = dp_opt_get_string(idmap_ctx->id_ctx->opts->basic, SDAP_IDMAP_DEFAULT_DOMAIN_SID); if (sid_str) { + struct sss_domain_info *domain = idmap_ctx->id_ctx->be->domain; + domain->domain_id = talloc_strdup(domain, sid_str); + if (domain->domain_id == NULL) { + ret = ENOMEM; + goto done; + } + /* Set the default domain as slice 0 */ ret = sdap_idmap_add_domain(idmap_ctx, dom_name, sid_str, 0); |