diff options
| -rw-r--r-- | src/providers/ipa/ipa_s2n_exop.c | 12 | ||||
| -rw-r--r-- | src/providers/ldap/ldap_common.c | 8 |
2 files changed, 18 insertions, 2 deletions
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c index d101a437d..1d233cd52 100644 --- a/src/providers/ipa/ipa_s2n_exop.c +++ b/src/providers/ipa/ipa_s2n_exop.c @@ -1764,6 +1764,8 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom, struct sysdb_attrs *gid_override_attrs = NULL; char ** exop_grouplist; struct ldb_message *msg; + struct ldb_message_element *el = NULL; + const char *missing[] = {NULL, NULL}; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { @@ -1993,6 +1995,12 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom, } } + ret = sysdb_attrs_get_el_ext(attrs->sysdb_attrs, + SYSDB_ORIG_MEMBEROF, false, &el); + if (ret == ENOENT) { + missing[0] = SYSDB_ORIG_MEMBEROF; + } + ret = sysdb_transaction_start(dom->sysdb); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Failed to start transaction\n"); @@ -2004,7 +2012,9 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom, attrs->a.user.pw_uid, gid, attrs->a.user.pw_gecos, attrs->a.user.pw_dir, attrs->a.user.pw_shell, - NULL, attrs->sysdb_attrs, NULL, + NULL, attrs->sysdb_attrs, + missing[0] == NULL ? NULL + : discard_const(missing), dom->user_timeout, now); if (ret == EEXIST && dom->mpg == true) { /* This handles the case where getgrgid() was called for diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 35de9c0a7..27b62a635 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -780,7 +780,7 @@ errno_t list_missing_attrs(TALLOC_CTX *mem_ctx, /* Allocate the maximum possible values for missing_attrs, to * be on the safe side */ - missing = talloc_array(tmp_ctx, char *, attr_count); + missing = talloc_array(tmp_ctx, char *, attr_count + 2); if (!missing) { ret = ENOMEM; goto done; @@ -831,6 +831,12 @@ errno_t list_missing_attrs(TALLOC_CTX *mem_ctx, /* Attribute could not be found. Add to the missing list */ missing[k] = talloc_steal(missing, sysdb_name); k++; + + /* Remove originalMemberOf as well if MemberOf is missing */ + if (strcmp(sysdb_name, SYSDB_MEMBEROF) == 0) { + missing[k] = talloc_strdup(missing, SYSDB_ORIG_MEMBEROF); + k++; + } } } |