diff options
| -rw-r--r-- | src/providers/ldap/ldap_id.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index 8ccb36092..a53a7d7b1 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -1124,6 +1124,7 @@ static void groups_by_user_done(struct tevent_req *subreq) struct groups_by_user_state); int dp_error = DP_ERR_FATAL; int ret; + const char *cname; ret = sdap_get_initgr_recv(subreq); talloc_zfree(subreq); @@ -1147,16 +1148,24 @@ static void groups_by_user_done(struct tevent_req *subreq) return; } + /* state->name is still the name used for the original request. The cached + * object might have a different name, e.g. a fully-qualified name. */ + ret = sysdb_get_real_name(state, state->domain, state->name, &cname); + if (ret != EOK) { + cname = state->name; + DEBUG(SSSDBG_OP_FAILURE, "Failed to canonicalize name, using [%s].\n", + cname); + } + if (ret == ENOENT && state->noexist_delete == true) { - ret = sysdb_delete_user(state->ctx->be->domain, state->name, 0); + ret = sysdb_delete_user(state->domain, cname, 0); if (ret != EOK && ret != ENOENT) { tevent_req_error(req, ret); return; } } - ret = set_initgroups_expire_attribute(state->ctx->be->domain, - state->name); + ret = set_initgroups_expire_attribute(state->domain, cname); if (ret != EOK) { state->dp_error = DP_ERR_FATAL; tevent_req_error(req, ret); |