diff options
| author | Pavel Březina <pbrezina@redhat.com> | 2014-10-31 14:26:30 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-11-18 10:38:58 +0100 |
| commit | cc347bda203a7b3d5122d20859c194d85d179f88 (patch) | |
| tree | e3d3613d93f7c78bc08a6c7a848ec4317d6627bf | |
| parent | ebfba7641dcc5e0c2d032ac791e66c788ffd0072 (diff) | |
| download | sssd-cc347bda203a7b3d5122d20859c194d85d179f88.tar.gz sssd-cc347bda203a7b3d5122d20859c194d85d179f88.tar.xz sssd-cc347bda203a7b3d5122d20859c194d85d179f88.zip | |
IPA: use ipaUserGroup object class for groups
dfb34c6c82ed5014599bf70de6791e6d79106fc2 changed object class
of IPA groups from posixGroups to more general groupOfNames.
However, this object class is used also for roles, permissions and
privileges which caused SSSD to consider those objects to be groups as
well during initgroups.
Resolves:
https://fedorahosted.org/sssd/ticket/2471
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 3937736546e2a4b7cccc58fded3efdff9ae690fc)
| -rw-r--r-- | src/providers/ipa/ipa_opts.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h index 5c82134fd..932ba4c76 100644 --- a/src/providers/ipa/ipa_opts.h +++ b/src/providers/ipa/ipa_opts.h @@ -202,7 +202,7 @@ struct sdap_attr_map ipa_user_map[] = { }; struct sdap_attr_map ipa_group_map[] = { - { "ldap_group_object_class", "groupOfNames", SYSDB_GROUP_CLASS, NULL }, + { "ldap_group_object_class", "ipaUserGroup", SYSDB_GROUP_CLASS, NULL }, { "ldap_group_object_class_alt", "posixGroup", SYSDB_GROUP_CLASS, NULL }, { "ldap_group_name", "cn", SYSDB_NAME, NULL }, { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL }, |