AD: Add a utility function to create list of connections

ad_id.c and ad_access.c used the same block of code. With the upcoming
option to disable GC lookups, we should unify the code in a function to
avoid breaking one of the code paths.

The same applies for the LDAP connection to the trusted AD DC.

Includes a unit test.

1 files changed, 1 insertions, 15 deletions

diff --git a/src/providers/ad/ad_access.c b/src/providers/ad/ad_access.c
index 6995172db..68a292abc 100644
--- a/src/providers/ad/ad_access.c
+++ b/src/providers/ad/ad_access.c
@@ -274,26 +274,12 @@ ad_access_send(TALLOC_CTX *mem_ctx,
         goto done;
     }
 
-    state->clist = talloc_zero_array(state, struct sdap_id_conn_ctx *, 3);
+    state->clist = ad_gc_conn_list(state, ctx->ad_id_ctx, domain);
     if (state->clist == NULL) {
         ret = ENOMEM;
         goto done;
     }
 
-    /* Always try GC first */
-    ctx->gc_ctx->ignore_mark_offline = false;
-    state->clist[0] = ctx->gc_ctx;
-    if (IS_SUBDOMAIN(domain) == false) {
-        /* fall back to ldap if gc is not available */
-        state->clist[0]->ignore_mark_offline = true;
-
-        /* With root domain users we have the option to
-         * fall back to LDAP in case ie POSIX attributes
-         * are used but not replicated to GC
-         */
-        state->clist[1] = ctx->ldap_ctx;
-    }
-
     ret = ad_access_step(req, state->clist[state->cindex]);
     if (ret != EOK) {
         goto done;