sssd.git - sssd with jhrozek's patches

diff options

author	Jakub Hrozek <jhrozek@redhat.com>	2015-09-17 17:11:34 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2015-09-23 23:08:50 +0200
commit	42bd89dbe77846b6ee60365bba50da521745bca1 (patch)
tree	e227ad3ebdf6d958e9a3878fbcff3d521637aee3 /contrib
parent	bc58e1cfee742178f95922d964349d6c262f6df7 (diff)
download	sssd-42bd89dbe77846b6ee60365bba50da521745bca1.tar.gz sssd-42bd89dbe77846b6ee60365bba50da521745bca1.tar.xz sssd-42bd89dbe77846b6ee60365bba50da521745bca1.zip

IPA: Retry fetching keytab if IPA user lookup fails

Required for: https://fedorahosted.org/sssd/ticket/2639 Instead of calling ipa_get_ad_acct_send directly, call a new request ipa_srv_ad_acct_send. The new request wraps ipa_get_ad_acct_send and either tries to request a new keytab every time the lookup fails but the domain is online. be_mark_dom_offline() is called when the retry fails with the new code. The retry tries to re-setup the trusted domain. With two-way setups, the request is a no-op. With one-way trust setups, the request re-fetches new keytab unconditionally. Reviewed-by: Sumit Bose <sbose@redhat.com>

Diffstat (limited to 'contrib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: