2 files changed, 20 insertions, 1 deletions

diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 0f745ccb1..9e28b5c66 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -157,9 +157,10 @@
 #define SYSDB_AD_ACCOUNT_EXPIRES "adAccountExpires"
 #define SYSDB_AD_USER_ACCOUNT_CONTROL "adUserAccountControl"
 
+#define SYSDB_DEFAULT_VIEW_NAME "default"
+#define SYSDB_LOCAL_VIEW_NAME "LOCAL" /* reserved for client-side overrides */
 #define SYSDB_VIEW_CLASS "view"
 #define SYSDB_VIEW_NAME "viewName"
-#define SYSDB_DEFAULT_VIEW_NAME "default"
 #define SYSDB_OVERRIDE_CLASS "overrride"
 #define SYSDB_OVERRIDE_ANCHOR_UUID "overrideAnchorUUID"
 #define SYSDB_OVERRIDE_USER_CLASS "userOverride"
@@ -473,6 +474,17 @@ static inline bool is_default_view(const char *view_name)
     }
 }
 
+static inline bool is_local_view(const char *view_name)
+{
+    /* NULL is treated as default */
+    if (view_name != NULL
+            && strcmp(view_name, SYSDB_LOCAL_VIEW_NAME) == 0) {
+        return true;
+    } else {
+        return false;
+    }
+}
+
 errno_t sysdb_delete_view_tree(struct sysdb_ctx *sysdb, const char *view_name);
 
 errno_t sysdb_invalidate_overrides(struct sysdb_ctx *sysdb);
diff --git a/src/db/sysdb_views.c b/src/db/sysdb_views.c
index aadd6018f..1db6c892d 100644
--- a/src/db/sysdb_views.c
+++ b/src/db/sysdb_views.c
@@ -1186,9 +1186,16 @@ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain,
         override_dn_str = ldb_msg_find_attr_as_string(obj,
                                                       SYSDB_OVERRIDE_DN, NULL);
         if (override_dn_str == NULL) {
+            if (is_local_view(domain->view_name)) {
+                /* LOCAL view doesn't have to have overrideDN specified. */
+                ret = EOK;
+                goto done;
+            }
+
             DEBUG(SSSDBG_CRIT_FAILURE,
                   "Missing override DN for objext [%s].\n",
                   ldb_dn_get_linearized(obj->dn));
+
             ret = ENOENT;
             goto done;
         }