diff options
| author | Sumit Bose <sbose@redhat.com> | 2012-10-19 18:28:41 +0200 |
|---|---|---|
| committer | Sumit Bose <sbose@redhat.com> | 2012-10-26 10:32:05 +0200 |
| commit | d29e91321d175dce94d87c23a44ced40d265de2c (patch) | |
| tree | 66025c86ad9a2ae8a76b37603c6db091aba70d6f /src/providers/ipa | |
| parent | d9137b153f1266ee5659405b2d7bc11787dad817 (diff) | |
| download | sssd-d29e91321d175dce94d87c23a44ced40d265de2c.tar.gz sssd-d29e91321d175dce94d87c23a44ced40d265de2c.tar.xz sssd-d29e91321d175dce94d87c23a44ced40d265de2c.zip | |
krb5_auth_send: check for sub-domains
If there is an authentication request for a user from a sub-domain a
temporary sysdb context is generated to allow lookups in the
corresponding sub-tree in the cache.
Diffstat (limited to 'src/providers/ipa')
| -rw-r--r-- | src/providers/ipa/ipa_auth.c | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/src/providers/ipa/ipa_auth.c b/src/providers/ipa/ipa_auth.c index 2bd313b38..eb62f0295 100644 --- a/src/providers/ipa/ipa_auth.c +++ b/src/providers/ipa/ipa_auth.c @@ -210,12 +210,6 @@ void ipa_auth(struct be_req *be_req) state->pd = pd; - if (strcasecmp(pd->domain, be_req->be_ctx->domain->name) != 0 && - state->pd->cmd != SSS_PAM_ACCT_MGMT) { - DEBUG(SSSDBG_OP_FAILURE, ("This operation is not allowed for subdomains!\n")); - goto fail; - } - switch (state->pd->cmd) { case SSS_PAM_AUTHENTICATE: state->ipa_auth_ctx = talloc_get_type( |