LDAP: Don't fail if subdomain cannot be found by sid

Domain needn't contain sid if id_provider is ldap.
With enabled id mapping, user couldn't be stored, because domain
couldn't be found by sid.

Resolves:
https://fedorahosted.org/sssd/ticket/2172

1 files changed, 6 insertions, 4 deletions

diff --git a/src/providers/ldap/sdap_async_users.c b/src/providers/ldap/sdap_async_users.c
index 7f0b2eea0..65c456c8f 100644
--- a/src/providers/ldap/sdap_async_users.c
+++ b/src/providers/ldap/sdap_async_users.c
@@ -124,6 +124,7 @@ int sdap_save_user(TALLOC_CTX *memctx,
     bool use_id_mapping;
     char *sid_str;
     char *dom_sid_str = NULL;
+    struct sss_domain_info *subdomain;
 
     DEBUG(SSSDBG_TRACE_FUNC, ("Save user\n"));
 
@@ -163,11 +164,12 @@ int sdap_save_user(TALLOC_CTX *memctx,
     /* If this object has a SID available, we will determine the correct
      * domain by its SID. */
     if (sid_str != NULL) {
-        dom = find_subdomain_by_sid(get_domains_head(dom), sid_str);
-        if (dom == NULL) {
-            DEBUG(SSSDBG_OP_FAILURE, ("SID %s does not belong to any known "
+        subdomain = find_subdomain_by_sid(get_domains_head(dom), sid_str);
+        if (subdomain) {
+            dom = subdomain;
+        } else {
+            DEBUG(SSSDBG_TRACE_FUNC, ("SID %s does not belong to any known "
                                       "domain\n", sid_str));
-            return ERR_DOMAIN_NOT_FOUND;
         }
     }