diff options
| author | Sumit Bose <sbose@redhat.com> | 2015-03-12 12:46:31 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-05-11 19:19:58 +0200 |
| commit | 39e33e3392bb9bc3d81e519d31a0e4b692542c96 (patch) | |
| tree | 817a688d9ef7935c39ad47a871730172cafbc62b | |
| parent | fec528a3929792d4ec2981d6f3db30d6286197e7 (diff) | |
| download | sssd-39e33e3392bb9bc3d81e519d31a0e4b692542c96.tar.gz sssd-39e33e3392bb9bc3d81e519d31a0e4b692542c96.tar.xz sssd-39e33e3392bb9bc3d81e519d31a0e4b692542c96.zip | |
SDAP: use DN to update entry
sdap_nested_group_populate_users() has code to handle user name changes.
It updates the SYSDB_NAME attribute. This attribute is also used in the
RDN but changing the attribute in the object does not change the DN
hence the DN still contains the old name. Currently
sysdb_set_user_attr() was used to update the entry which creates the DN
based on the give name. This will fail if the name is changed for a
second time. Since the DN is already available in the search result it
is more reliable to use it directly with sysdb_set_entry_attr().
Related to https://fedorahosted.org/sssd/ticket/2591
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit 305267064a9d8c86536fcd5c92c1c9cb3e7df268)
| -rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index fb1912d2b..73caa9b5b 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -2467,7 +2467,8 @@ static errno_t sdap_nested_group_populate_users(TALLOC_CTX *mem_ctx, ret = sysdb_attrs_add_string(attrs, SYSDB_NAME, username); if (ret) goto done; - ret = sysdb_set_user_attr(user_dom, sysdb_name, attrs, SYSDB_MOD_REP); + ret = sysdb_set_entry_attr(user_dom->sysdb, msgs[0]->dn, attrs, + SYSDB_MOD_REP); if (ret != EOK) goto done; } else { key.type = HASH_KEY_STRING; |