IPA: fix override with the same name

If the user name of a AD user is overridden with the name itself in an IPA override object SSSD adds this name twice to the alias list causing an ldb error when trying to write the user object to the cache. As a result the user is not available. This patch makes sure that there are no duplicated alias names. Resolves https://fedorahosted.org/sssd/ticket/2874 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
author: Sumit Bose <sbose@redhat.com> 2015-11-19 11:42:39 +0100
committer: Jakub Hrozek <jhrozek@redhat.com> 2015-11-20 14:51:44 +0100
commit: aedc71fe8360a51785933523f14bb5c4e7e2c38b (patch)
tree: ac06160ae0877fcea938d7f8c24ca99e91d4cc68 /src/providers
parent: 17c1656db0a1c4153f80a893978c1c28a5784d55 (diff)
download: sssd-aedc71fe8360a51785933523f14bb5c4e7e2c38b.tar.gz
sssd-aedc71fe8360a51785933523f14bb5c4e7e2c38b.tar.xz
sssd-aedc71fe8360a51785933523f14bb5c4e7e2c38b.zip
1 files changed, 7 insertions, 6 deletions
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
index 1e6368dc7..bcd11749f 100644
--- a/src/providers/ipa/ipa_s2n_exop.c
+++ b/src/providers/ipa/ipa_s2n_exop.c
@@ -1804,10 +1804,11 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom,
         ret = sysdb_attrs_get_string(attrs->sysdb_attrs,
                                      SYSDB_DEFAULT_OVERRIDE_NAME, &tmp_str);
         if (ret == EOK) {
-            ret = sysdb_attrs_add_lc_name_alias(attrs->sysdb_attrs, tmp_str);
+            ret = sysdb_attrs_add_lc_name_alias_safe(attrs->sysdb_attrs,
+                                                     tmp_str);
             if (ret != EOK) {
                 DEBUG(SSSDBG_OP_FAILURE,
-                      "sysdb_attrs_add_lc_name_alias failed.\n");
+                      "sysdb_attrs_add_lc_name_alias_safe failed.\n");
                 goto done;
             }
         } else if (ret != ENOENT) {
@@ -1876,10 +1877,10 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom,
                 }
             }
 
-            ret = sysdb_attrs_add_lc_name_alias(attrs->sysdb_attrs, name);
+            ret = sysdb_attrs_add_lc_name_alias_safe(attrs->sysdb_attrs, name);
             if (ret != EOK) {
                 DEBUG(SSSDBG_OP_FAILURE,
-                      "sysdb_attrs_add_lc_name_alias failed.\n");
+                      "sysdb_attrs_add_lc_name_alias_safe failed.\n");
                 goto done;
             }
 
@@ -2133,10 +2134,10 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom,
             }
             DEBUG(SSSDBG_TRACE_FUNC, "Processing group %s\n", name);
 
-            ret = sysdb_attrs_add_lc_name_alias(attrs->sysdb_attrs, name);
+            ret = sysdb_attrs_add_lc_name_alias_safe(attrs->sysdb_attrs, name);
             if (ret != EOK) {
                 DEBUG(SSSDBG_OP_FAILURE,
-                      "sysdb_attrs_add_lc_name_alias failed.\n");
+                      "sysdb_attrs_add_lc_name_alias_safe failed.\n");
                 goto done;
             }
author	Sumit Bose <sbose@redhat.com>	2015-11-19 11:42:39 +0100
committer	Jakub Hrozek <jhrozek@redhat.com>	2015-11-20 14:51:44 +0100
commit	aedc71fe8360a51785933523f14bb5c4e7e2c38b (patch)
tree	ac06160ae0877fcea938d7f8c24ca99e91d4cc68 /src/providers
parent	17c1656db0a1c4153f80a893978c1c28a5784d55 (diff)
download	sssd-aedc71fe8360a51785933523f14bb5c4e7e2c38b.tar.gz sssd-aedc71fe8360a51785933523f14bb5c4e7e2c38b.tar.xz sssd-aedc71fe8360a51785933523f14bb5c4e7e2c38b.zip