summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPavel Reichl <preichl@redhat.com>2014-08-22 13:56:32 +0100
committerJakub Hrozek <jhrozek@redhat.com>2014-09-04 12:54:59 +0200
commit6d61ba983def0c9ffbf964a84c7289323b849f18 (patch)
tree36b6f69709791c27e3911716b10187751f4d6946
parent89f0313c25b18ec8922e7aa145c5ed2297d276e7 (diff)
downloadsssd-6d61ba983def0c9ffbf964a84c7289323b849f18.tar.gz
sssd-6d61ba983def0c9ffbf964a84c7289323b849f18.tar.xz
sssd-6d61ba983def0c9ffbf964a84c7289323b849f18.zip
AD: process non-posix nested groups using tokenGroups
When initgr is performed for AD supporting tokenGroups, do not skip non-posix groups. Resolves: https://fedorahosted.org/sssd/ticket/2343
Diffstat
-rw-r--r--src/providers/ldap/sdap_async_initgroups_ad.c9
1 files changed, 1 insertions, 8 deletions
diff --git a/src/providers/ldap/sdap_async_initgroups_ad.c b/src/providers/ldap/sdap_async_initgroups_ad.c
index 9b07507bf..574579d9e 100644
--- a/src/providers/ldap/sdap_async_initgroups_ad.c
+++ b/src/providers/ldap/sdap_async_initgroups_ad.c
@@ -1152,8 +1152,7 @@ sdap_ad_tokengroups_get_posix_members(TALLOC_CTX *mem_ctx,
TALLOC_CTX *tmp_ctx = NULL;
struct sss_domain_info *domain = NULL;
struct ldb_message *msg = NULL;
- const char *attrs[] = {SYSDB_NAME, SYSDB_POSIX, NULL};
- const char *is_posix = NULL;
+ const char *attrs[] = {SYSDB_NAME, NULL};
const char *name = NULL;
char *sid = NULL;
char **valid_groups = NULL;
@@ -1200,12 +1199,6 @@ sdap_ad_tokengroups_get_posix_members(TALLOC_CTX *mem_ctx,
ret = sysdb_search_group_by_sid_str(tmp_ctx, domain->sysdb, domain,
sid, attrs, &msg);
if (ret == EOK) {
- is_posix = ldb_msg_find_attr_as_string(msg, SYSDB_POSIX, NULL);
- if (is_posix != NULL && strcmp(is_posix, "FALSE") == 0) {
- /* skip non-posix group */
- continue;
- }
-
/* we will update membership of this group */
name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
if (name == NULL) {
generated by cgit (git 2.34.1) at 2024-04-23 09:22:48 +0000