diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2013-10-07 18:02:04 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-10-25 22:04:11 +0200 |
commit | 9dd62f094fb4c1bfb04128de1c3ec20933603046 (patch) | |
tree | eded847415955a60fbad0a712c896f0671c85dee /src/providers/ldap/ldap_common.h | |
parent | e37cbdd9be139b9949024c94ae21c12b36a6c180 (diff) | |
download | sssd-9dd62f094fb4c1bfb04128de1c3ec20933603046.tar.gz sssd-9dd62f094fb4c1bfb04128de1c3ec20933603046.tar.xz sssd-9dd62f094fb4c1bfb04128de1c3ec20933603046.zip |
AD: Use the ad_access_filter if it's set
Related:
https://fedorahosted.org/sssd/ticket/2082
Currently the AD access control only checks if an account has been
expired. This patch amends the logic so that if ad_access_filter is set,
it is used automatically.
Diffstat (limited to 'src/providers/ldap/ldap_common.h')
-rw-r--r-- | src/providers/ldap/ldap_common.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h index fb9a34c60..0bd6c9cc2 100644 --- a/src/providers/ldap/ldap_common.h +++ b/src/providers/ldap/ldap_common.h @@ -261,6 +261,9 @@ char *sdap_get_id_specific_filter(TALLOC_CTX *mem_ctx, const char *base_filter, const char *extra_filter); +char *sdap_get_access_filter(TALLOC_CTX *mem_ctx, + const char *base_filter); + errno_t msgs2attrs_array(TALLOC_CTX *mem_ctx, size_t count, struct ldb_message **msgs, struct sysdb_attrs ***attrs); |