AD: Use the ad_access_filter if it's set

Related: https://fedorahosted.org/sssd/ticket/2082 Currently the AD access control only checks if an account has been expired. This patch amends the logic so that if ad_access_filter is set, it is used automatically.
author: Jakub Hrozek <jhrozek@redhat.com> 2013-10-07 18:02:04 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2013-10-25 21:02:43 +0200
commit: efe6b4a9d374339cac2528cdeb43720957c6b7c9 (patch)
tree: 354549682b9d2333bff82177176af077bd6b805a /src/providers/ldap/ldap_common.h
parent: 8a05fd320a44636d120a18eb7e9956c7b35b3138 (diff)
download: sssd-efe6b4a9d374339cac2528cdeb43720957c6b7c9.tar.gz
sssd-efe6b4a9d374339cac2528cdeb43720957c6b7c9.tar.xz
sssd-efe6b4a9d374339cac2528cdeb43720957c6b7c9.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index fb9a34c60..0bd6c9cc2 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -261,6 +261,9 @@ char *sdap_get_id_specific_filter(TALLOC_CTX *mem_ctx,
                                   const char *base_filter,
                                   const char *extra_filter);
 
+char *sdap_get_access_filter(TALLOC_CTX *mem_ctx,
+                             const char *base_filter);
+
 errno_t msgs2attrs_array(TALLOC_CTX *mem_ctx, size_t count,
                          struct ldb_message **msgs,
                          struct sysdb_attrs ***attrs);
author	Jakub Hrozek <jhrozek@redhat.com>	2013-10-07 18:02:04 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2013-10-25 21:02:43 +0200
commit	efe6b4a9d374339cac2528cdeb43720957c6b7c9 (patch)
tree	354549682b9d2333bff82177176af077bd6b805a /src/providers/ldap/ldap_common.h
parent	8a05fd320a44636d120a18eb7e9956c7b35b3138 (diff)
download	sssd-efe6b4a9d374339cac2528cdeb43720957c6b7c9.tar.gz sssd-efe6b4a9d374339cac2528cdeb43720957c6b7c9.tar.xz sssd-efe6b4a9d374339cac2528cdeb43720957c6b7c9.zip