authorStephen Gallagher <sgallagh@redhat.com>2012-04-21 09:31:36 -0400
committerStephen Gallagher <sgallagh@redhat.com>2012-05-03 14:09:14 -0400
commit4f3fd1fb264a7eaf3a9d062d49e071b0d17e4deb (patch)
treeb2129c3ab1f99ccdfdc2394d8bd9488ec3abffa5 /src/providers/ldap/sdap_idmap.c
parent2fd5864ac8eb2c4cfa0fafe7c0431a74f2ebe1fb (diff)
LDAP: Allow setting a default domain for id-mapping slice 0
Diffstat (limited to 'src/providers/ldap/sdap_idmap.c')
-rw-r--r--src/providers/ldap/sdap_idmap.c36
1 files changed, 36 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_idmap.c b/src/providers/ldap/sdap_idmap.c
index 24e7ef371..02e3d0eac 100644
--- a/src/providers/ldap/sdap_idmap.c
+++ b/src/providers/ldap/sdap_idmap.c
@@ -129,6 +129,42 @@ sdap_idmap_init(TALLOC_CTX *mem_ctx,
goto done;
}
}
+ } else {
+ /* This is the first time we're setting up id-mapping
+ * Store the default domain as slice 0
+ */
+ dom_name = dp_opt_get_string(idmap_ctx->id_ctx->opts->basic, SDAP_IDMAP_DEFAULT_DOMAIN);
+ if (!dom_name) {
+ /* If it's not explicitly specified, use the SSSD domain name */
+ dom_name = idmap_ctx->id_ctx->be->domain->name;
+ ret = dp_opt_set_string(idmap_ctx->id_ctx->opts->basic,
+ SDAP_IDMAP_DEFAULT_DOMAIN,
+ dom_name);
+ if (ret != EOK) goto done;
+ }
+
+ sid_str = dp_opt_get_string(idmap_ctx->id_ctx->opts->basic, SDAP_IDMAP_DEFAULT_DOMAIN_SID);
+ if (sid_str) {
+ /* Set the default domain as slice 0 */
+ ret = sdap_idmap_add_domain(idmap_ctx, dom_name,
+ sid_str, 0);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("Could not add domain [%s][%s][%u] to ID map: [%s]\n",
+ dom_name, sid_str, 0, strerror(ret)));
+ goto done;
+ }
+ } else {
+ if (dp_opt_get_bool(idmap_ctx->id_ctx->opts->basic, SDAP_IDMAP_AUTORID_COMPAT)) {
+ /* In autorid compatibility mode, we MUST have a slice 0 */
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ ("Autorid compatibility mode selected, but %s is not set\n",
+ idmap_ctx->id_ctx->opts->basic[SDAP_IDMAP_DEFAULT_DOMAIN_SID].opt_name));
+ ret = EINVAL;
+ goto done;
+ }
+ /* Otherwise, we'll just fall back to hash values as they are seen */
+ }
}
*_idmap_ctx = talloc_steal(mem_ctx, idmap_ctx);
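Review bot: The autorid-compatibility rule that slice 0 must exist is enforced only inside the new `else` branch, which its own comment describes as the first-time setup path, so a start-up that takes the other branch (its condition is above the hunk; presumably mappings are already stored) never checks that SDAP_IDMAP_DEFAULT_DOMAIN_SID is set. If compat mode is enabled or the default SID is changed after the first run, the stored map and the configuration could disagree with no error, and inconsistent UID/GID mapping between hosts affects file ownership and access control. Consider reading the SID ahead of the branch and checking there, e.g. `if (!sid_str && dp_opt_get_bool(idmap_ctx->id_ctx->opts->basic, SDAP_IDMAP_AUTORID_COMPAT)) { ret = EINVAL; goto done; }`, or at least add a comment that these options are only consulted on first initialisation. Separately, the bare `if (ret != EOK) goto done;` after dp_opt_set_string() is the only failure path in this hunk that logs nothing; a DEBUG line like the other two would make it diagnosable. sdap_idmap_init starts and ends outside the hunk.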