LDAP: Do not remove uidNumber and gidNumber attributes when saving id-mapped entries

2 files changed, 16 insertions, 0 deletions

diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
index 67720025a..eb3cb9571 100644
--- a/src/providers/ldap/sdap_async_groups.c
+++ b/src/providers/ldap/sdap_async_groups.c
@@ -286,6 +286,11 @@ static int sdap_save_group(TALLOC_CTX *memctx,
             }
         }
 
+        /* Store the GID in the ldap_attrs so it doesn't get
+         * treated as a missing attribute from LDAP and removed.
+         */
+        ret = sysdb_attrs_add_uint32(attrs, SYSDB_GIDNUM, gid);
+        if (ret != EOK) goto fail;
     } else {
         ret = sysdb_attrs_get_bool(attrs, SYSDB_POSIX, &posix_group);
         if (ret == ENOENT) {
diff --git a/src/providers/ldap/sdap_async_users.c b/src/providers/ldap/sdap_async_users.c
index c894e874b..11574f9e6 100644
--- a/src/providers/ldap/sdap_async_users.c
+++ b/src/providers/ldap/sdap_async_users.c
@@ -179,6 +179,11 @@ int sdap_save_user(TALLOC_CTX *memctx,
             }
         }
 
+        /* Store the UID in the ldap_attrs so it doesn't get
+         * treated as a missing attribute from LDAP and removed.
+         */
+        ret = sysdb_attrs_add_uint32(attrs, SYSDB_UIDNUM, uid);
+        if (ret != EOK) goto fail;
     } else {
         ret = sysdb_attrs_get_uint32_t(attrs,
                                        opts->user_map[SDAP_AT_USER_UID].sys_name,
@@ -247,6 +252,12 @@ int sdap_save_user(TALLOC_CTX *memctx,
             ret = EIO;
             goto fail;
         }
+
+        /* Store the GID in the ldap_attrs so it doesn't get
+         * treated as a missing attribute from LDAP and removed.
+         */
+        ret = sysdb_attrs_add_uint32(attrs, SYSDB_GIDNUM, gid);
+        if (ret != EOK) goto fail;
     } else {
         ret = sysdb_attrs_get_uint32_t(attrs,
                                        opts->user_map[SDAP_AT_USER_GID].sys_name,