diff options
author | Sumit Bose <sbose@redhat.com> | 2014-10-22 10:03:09 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-22 12:37:41 +0200 |
commit | 44329653f423c632b027065a9c0ea0bf4199396a (patch) | |
tree | adb6c4a40ff5f3ef9ab6e6958650e4d8eced0220 /src/providers/ipa/ipa_views.c | |
parent | b2636dab7c08a2ccc10edc1f3a83a6622543e21b (diff) | |
download | sssd-44329653f423c632b027065a9c0ea0bf4199396a.tar.gz sssd-44329653f423c632b027065a9c0ea0bf4199396a.tar.xz sssd-44329653f423c632b027065a9c0ea0bf4199396a.zip |
ipa: fix issues with older servers not supporting views
Older FreeIPA servers which do not know about the ipaAssignedIDView
attribute will return an error during the LDAP dereference request
because SSSD marks LDAP extensions as critical. In this case we keep the
view name empty and skip override lookups.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers/ipa/ipa_views.c')
-rw-r--r-- | src/providers/ipa/ipa_views.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/providers/ipa/ipa_views.c b/src/providers/ipa/ipa_views.c index 33dbf7b1c..2eb77216a 100644 --- a/src/providers/ipa/ipa_views.c +++ b/src/providers/ipa/ipa_views.c @@ -208,15 +208,22 @@ struct tevent_req *ipa_get_ad_override_send(TALLOC_CTX *mem_ctx, state->sdap_id_ctx = sdap_id_ctx; state->ipa_options = ipa_options; state->ipa_realm = ipa_realm; + state->ar = ar; + state->dp_error = -1; + state->override_attrs = NULL; + state->filter = NULL; + + if (view_name == NULL) { + DEBUG(SSSDBG_TRACE_ALL, "View not defined, nothing to do.\n"); + ret = EOK; + goto done; + } + if (strcmp(view_name, SYSDB_DEFAULT_VIEW_NAME) == 0) { state->ipa_view_name = IPA_DEFAULT_VIEW_NAME; } else { state->ipa_view_name = view_name; } - state->ar = ar; - state->dp_error = -1; - state->override_attrs = NULL; - state->filter = NULL; state->sdap_op = sdap_id_op_create(state, state->sdap_id_ctx->conn->conn_cache); |