diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2013-10-06 20:23:07 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-10-25 21:02:43 +0200 |
commit | 443eb8217741df57d9f58f2098487b91e3404e71 (patch) | |
tree | 013d5921211dbcd981394218c692d769f2d9adef /src/providers/ad | |
parent | f64296c40e07614668c4ac4c978bc8980fb6a7db (diff) | |
download | sssd-443eb8217741df57d9f58f2098487b91e3404e71.tar.gz sssd-443eb8217741df57d9f58f2098487b91e3404e71.tar.xz sssd-443eb8217741df57d9f58f2098487b91e3404e71.zip |
LDAP: Amend sdap_access_check to allow any connection
Related:
https://fedorahosted.org/sssd/ticket/2082
Also move the check for subdomain to the handler. I think it is the job
of the handler to decide which domain the request belongs to, not the
request itself.
Diffstat (limited to 'src/providers/ad')
-rw-r--r-- | src/providers/ad/ad_access.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/providers/ad/ad_access.c b/src/providers/ad/ad_access.c index 746017dc5..cf6412f22 100644 --- a/src/providers/ad/ad_access.c +++ b/src/providers/ad/ad_access.c @@ -56,7 +56,9 @@ ad_access_handler(struct be_req *breq) /* Verify that the account is not locked */ req = sdap_access_send(breq, be_ctx->ev, be_ctx, domain, - access_ctx->sdap_access_ctx, pd); + access_ctx->sdap_access_ctx, + access_ctx->sdap_access_ctx->id_ctx->conn, + pd); if (!req) { be_req_terminate(breq, DP_ERR_FATAL, PAM_SYSTEM_ERR, NULL); return; |