diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2014-01-24 17:03:27 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-01-29 20:47:02 +0100 |
commit | 5a3c166f6622ffb537d86a5954b29f9c70cabe22 (patch) | |
tree | 155080ab972d2c61447849562ff83ec0c6b79f7f /src | |
parent | 701bf3c29b2b9d036c46883604f4fd66b663976c (diff) | |
download | sssd-5a3c166f6622ffb537d86a5954b29f9c70cabe22.tar.gz sssd-5a3c166f6622ffb537d86a5954b29f9c70cabe22.tar.xz sssd-5a3c166f6622ffb537d86a5954b29f9c70cabe22.zip |
LDAP: store group if subdomain cannot be found by sid
Domain needn't contain sid if id_provider is ldap.
With enabled id mapping, group couldn't be stored, because domain
couldn't be found by sid.
Resolves:
https://fedorahosted.org/sssd/ticket/2172
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index 4ed7d4ab9..ab3691f80 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -452,6 +452,7 @@ static int sdap_save_group(TALLOC_CTX *memctx, bool posix_group; bool use_id_mapping; char *sid_str; + struct sss_domain_info *subdomain; int32_t ad_group_type; tmpctx = talloc_new(NULL); @@ -490,11 +491,12 @@ static int sdap_save_group(TALLOC_CTX *memctx, /* If this object has a SID available, we will determine the correct * domain by its SID. */ if (sid_str != NULL) { - dom = find_subdomain_by_sid(get_domains_head(dom), sid_str); - if (dom == NULL) { - DEBUG(SSSDBG_OP_FAILURE, ("SID %s does not belong to any known " + subdomain = find_subdomain_by_sid(get_domains_head(dom), sid_str); + if (subdomain) { + dom = subdomain; + } else { + DEBUG(SSSDBG_TRACE_FUNC, ("SID %s does not belong to any known " "domain\n", sid_str)); - return ERR_DOMAIN_NOT_FOUND; } } |