diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2010-04-16 17:58:52 +0200 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-07 17:14:32 -0400 |
| commit | 66da80489c0114878043b40592c5f47d41eb0ffd (patch) | |
| tree | a69750b3275692fd6dd370da90cce74ad2615e2a /src/providers/ipa/ipa_common.c | |
| parent | dd025b4cbd501e2f34461f9d8359a829b81f5c2f (diff) | |
| download | sssd-66da80489c0114878043b40592c5f47d41eb0ffd.tar.gz sssd-66da80489c0114878043b40592c5f47d41eb0ffd.tar.xz sssd-66da80489c0114878043b40592c5f47d41eb0ffd.zip | |
Use service discovery in backends
Integrate the failover improvements with our back ends. The DNS domain
used in the SRV query is always the SSSD domain name.
Please note that this patch changes the default value of ldap_uri from
"ldap://localhost" to "NULL" in order to use service discovery with no
server set.
Diffstat (limited to 'src/providers/ipa/ipa_common.c')
| -rw-r--r-- | src/providers/ipa/ipa_common.c | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c index 7d457b7db..aa84e7a94 100644 --- a/src/providers/ipa/ipa_common.c +++ b/src/providers/ipa/ipa_common.c @@ -67,7 +67,8 @@ struct dp_option ipa_def_ldap_opts[] = { { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_pwd_policy", DP_OPT_STRING, { "none" } , NULL_STRING }, { "ldap_referrals", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE }, - { "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER } + { "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER }, + { "ldap_dns_service_name", DP_OPT_STRING, { SSS_LDAP_SRV_NAME }, NULL_STRING } }; struct sdap_attr_map ipa_attr_map[] = { @@ -155,12 +156,9 @@ int ipa_get_options(TALLOC_CTX *memctx, } } - /* FIXME: Make non-fatal once we have discovery */ server = dp_opt_get_string(opts->basic, IPA_SERVER); if (!server) { - DEBUG(0, ("Can't find ipa server, missing option!\n")); - ret = EINVAL; - goto done; + DEBUG(1, ("No ipa server set, will use service discovery!\n")); } ipa_hostname = dp_opt_get_string(opts->basic, IPA_HOSTNAME); @@ -537,6 +535,10 @@ int ipa_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, } service->krb5_service->realm = realm; + if (!servers) { + servers = BE_SRV_IDENTIFIER; + } + /* split server parm into a list */ ret = split_on_separator(tmp_ctx, servers, ',', true, &list, NULL); if (ret != EOK) { @@ -549,6 +551,18 @@ int ipa_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx, talloc_steal(service, list[i]); + if (be_fo_is_srv_identifier(list[i])) { + ret = be_fo_add_srv_server(ctx, "IPA", "ldap", + FO_PROTO_TCP, ctx->domain->name, NULL); + if (ret) { + DEBUG(0, ("Failed to add server\n")); + goto done; + } + + DEBUG(6, ("Added service lookup for service IPA\n")); + continue; + } + ret = be_fo_add_server(ctx, "IPA", list[i], 0, NULL); if (ret && ret != EEXIST) { DEBUG(0, ("Failed to add server\n")); |