diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2013-12-13 20:11:11 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-12-19 20:14:45 +0100 |
| commit | dfebe8a952561e51fe1d603886ba4e979b29d889 (patch) | |
| tree | 9048a622454ec19b3aa5e67f9e8cb480edb41119 | |
| parent | 168396cd93b3f0e42b4842f520f2bcece91274c6 (diff) | |
| download | sssd-dfebe8a952561e51fe1d603886ba4e979b29d889.tar.gz sssd-dfebe8a952561e51fe1d603886ba4e979b29d889.tar.xz sssd-dfebe8a952561e51fe1d603886ba4e979b29d889.zip | |
AD: Enable fallback to LDAP of trusted domain
Since we have the LDAP port of a trusted AD GC always available now, we
can always perform a fallback.
| -rw-r--r-- | src/providers/ad/ad_common.c | 14 | ||||
| -rw-r--r-- | src/tests/cmocka/test_ad_common.c | 7 |
2 files changed, 5 insertions, 16 deletions
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c index a5ea4f587..99fa4c07a 100644 --- a/src/providers/ad/ad_common.c +++ b/src/providers/ad/ad_common.c @@ -1133,23 +1133,11 @@ ad_gc_conn_list(TALLOC_CTX *mem_ctx, struct ad_id_ctx *ad_ctx, /* Always try GC first */ if (dp_opt_get_bool(ad_ctx->ad_options->basic, AD_ENABLE_GC)) { clist[cindex] = ad_ctx->gc_ctx; - if (IS_SUBDOMAIN(dom) == true) { - clist[cindex]->ignore_mark_offline = false; - /* Subdomain users are only present in GC. */ - return clist; - } - /* fall back to ldap if gc is not available */ clist[cindex]->ignore_mark_offline = true; cindex++; } - if (IS_SUBDOMAIN(dom) == false) { - /* With root domain users we have the option to - * fall back to LDAP in case ie POSIX attributes - * are used but not replicated to GC - */ - clist[cindex] = ad_ctx->ldap_ctx; - } + clist[cindex] = ad_get_dom_ldap_conn(ad_ctx, dom); return clist; } diff --git a/src/tests/cmocka/test_ad_common.c b/src/tests/cmocka/test_ad_common.c index 07502b82d..bbd56b1b9 100644 --- a/src/tests/cmocka/test_ad_common.c +++ b/src/tests/cmocka/test_ad_common.c @@ -176,8 +176,9 @@ void test_conn_list(void **state) assert_non_null(conn_list); assert_true(conn_list[0] == test_ctx->ad_ctx->gc_ctx); - assert_false(conn_list[0]->ignore_mark_offline); - assert_null(conn_list[1]); + assert_true(conn_list[0]->ignore_mark_offline); + assert_true(conn_list[1] == test_ctx->subdom_ad_ctx->ldap_ctx); + assert_false(conn_list[1]->ignore_mark_offline); talloc_free(conn_list); dp_opt_set_bool(test_ctx->ad_ctx->ad_options->basic, AD_ENABLE_GC, false); @@ -195,7 +196,7 @@ void test_conn_list(void **state) conn_list = ad_gc_conn_list(test_ctx, test_ctx->ad_ctx, test_ctx->subdom); assert_non_null(conn_list); - assert_null(conn_list[0]); + assert_true(conn_list[0] == test_ctx->subdom_ad_ctx->ldap_ctx); talloc_free(conn_list); } |