diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-09-17 17:11:34 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-09-23 09:24:44 +0200 |
commit | d382b037398d8040045ec16fdd123fc5125dcb21 (patch) | |
tree | 6ee1a53eb589656afd364fd8a7bb3d5e3de7f3c0 /src/providers/ldap/ldap_common.h | |
parent | 63de05590cd0a9c1319880f44c6c1557e272d249 (diff) | |
download | sssd-d382b037398d8040045ec16fdd123fc5125dcb21.tar.gz sssd-d382b037398d8040045ec16fdd123fc5125dcb21.tar.xz sssd-d382b037398d8040045ec16fdd123fc5125dcb21.zip |
IPA: Retry fetching keytab if IPA user lookup fails
Required for:
https://fedorahosted.org/sssd/ticket/2639
Instead of calling ipa_get_ad_acct_send directly, call a new request
ipa_srv_ad_acct_send. The new request wraps ipa_get_ad_acct_send and
either tries to request a new keytab every time the lookup fails but the
domain is online.
be_mark_dom_offline() is called when the retry fails with the new code.
The retry tries to re-setup the trusted domain. With two-way setups, the
request is a no-op. With one-way trust setups, the request re-fetches
new keytab unconditionally.
Diffstat (limited to 'src/providers/ldap/ldap_common.h')
0 files changed, 0 insertions, 0 deletions