summaryrefslogtreecommitdiffstats
path: root/src/providers
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2011-11-28 18:47:19 +0100
committerStephen Gallagher <sgallagh@redhat.com>2011-12-14 13:31:54 -0500
commitf7255e5d207800eb86003ec926951c0a6397aa04 (patch)
tree2a4e747f2836ba8b39e31d7c0bff23032f391722 /src/providers
parentc7abfb71130bdeb47e2f864a1e7957a8823cfcc4 (diff)
downloadsssd-f7255e5d207800eb86003ec926951c0a6397aa04.tar.gz
sssd-f7255e5d207800eb86003ec926951c0a6397aa04.tar.xz
sssd-f7255e5d207800eb86003ec926951c0a6397aa04.zip
Support search bases in netgroup members translation
Diffstat (limited to 'src/providers')
-rw-r--r--src/providers/ldap/sdap_async_netgroups.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/src/providers/ldap/sdap_async_netgroups.c b/src/providers/ldap/sdap_async_netgroups.c
index bb2e1bb2c..0f486dedd 100644
--- a/src/providers/ldap/sdap_async_netgroups.c
+++ b/src/providers/ldap/sdap_async_netgroups.c
@@ -424,6 +424,7 @@ static errno_t netgr_translate_members_ldap_step(struct tevent_req *req)
struct netgr_translate_members_state *state = tevent_req_data(req,
struct netgr_translate_members_state);
const char **cn_attr;
+ char *filter = NULL;
struct tevent_req *subreq;
int ret;
@@ -447,6 +448,15 @@ static errno_t netgr_translate_members_ldap_step(struct tevent_req *req)
return EOK;
}
+ if (!sss_ldap_dn_in_search_bases(state, state->dn_item->dn,
+ state->opts->netgroup_search_bases,
+ &filter)) {
+ /* not in search base, skip it */
+ state->dn_idx = state->dn_item->next;
+ DLIST_REMOVE(state->dn_list, state->dn_item);
+ return netgr_translate_members_ldap_step(req);
+ }
+
cn_attr = talloc_array(state, const char *, 3);
if (cn_attr == NULL) {
DEBUG(1, ("talloc_array failed.\n"));
@@ -458,7 +468,7 @@ static errno_t netgr_translate_members_ldap_step(struct tevent_req *req)
DEBUG(9, ("LDAP base search for [%s].\n", state->dn_item->dn));
subreq = sdap_get_generic_send(state, state->ev, state->opts, state->sh,
- state->dn_item->dn, LDAP_SCOPE_BASE, NULL,
+ state->dn_item->dn, LDAP_SCOPE_BASE, filter,
cn_attr, state->opts->netgroup_map,
SDAP_OPTS_NETGROUP,
dp_opt_get_int(state->opts->basic,