diff options
Diffstat (limited to 'src/providers/ad')
| -rw-r--r-- | src/providers/ad/ad_common.c | 31 | ||||
| -rw-r--r-- | src/providers/ad/ad_common.h | 1 | ||||
| -rw-r--r-- | src/providers/ad/ad_opts.h | 1 |
3 files changed, 20 insertions, 13 deletions
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c index af0ec8399..a5ea4f587 100644 --- a/src/providers/ad/ad_common.c +++ b/src/providers/ad/ad_common.c @@ -1125,26 +1125,31 @@ ad_gc_conn_list(TALLOC_CTX *mem_ctx, struct ad_id_ctx *ad_ctx, struct sss_domain_info *dom) { struct sdap_id_conn_ctx **clist; + int cindex = 0; clist = talloc_zero_array(mem_ctx, struct sdap_id_conn_ctx *, 3); if (clist == NULL) return NULL; /* Always try GC first */ - clist[0] = ad_ctx->gc_ctx; - if (IS_SUBDOMAIN(dom) == true) { - clist[0]->ignore_mark_offline = false; - /* Subdomain users are only present in GC. */ - return clist; + if (dp_opt_get_bool(ad_ctx->ad_options->basic, AD_ENABLE_GC)) { + clist[cindex] = ad_ctx->gc_ctx; + if (IS_SUBDOMAIN(dom) == true) { + clist[cindex]->ignore_mark_offline = false; + /* Subdomain users are only present in GC. */ + return clist; + } + /* fall back to ldap if gc is not available */ + clist[cindex]->ignore_mark_offline = true; + cindex++; } - /* fall back to ldap if gc is not available */ - clist[0]->ignore_mark_offline = true; - - /* With root domain users we have the option to - * fall back to LDAP in case ie POSIX attributes - * are used but not replicated to GC - */ - clist[1] = ad_ctx->ldap_ctx; + if (IS_SUBDOMAIN(dom) == false) { + /* With root domain users we have the option to + * fall back to LDAP in case ie POSIX attributes + * are used but not replicated to GC + */ + clist[cindex] = ad_ctx->ldap_ctx; + } return clist; } diff --git a/src/providers/ad/ad_common.h b/src/providers/ad/ad_common.h index ed5b8584d..d370cef69 100644 --- a/src/providers/ad/ad_common.h +++ b/src/providers/ad/ad_common.h @@ -42,6 +42,7 @@ enum ad_basic_opt { AD_KRB5_REALM, AD_ENABLE_DNS_SITES, AD_ACCESS_FILTER, + AD_ENABLE_GC, AD_OPTS_BASIC /* opts counter */ }; diff --git a/src/providers/ad/ad_opts.h b/src/providers/ad/ad_opts.h index 8022a1627..5b7b1c89f 100644 --- a/src/providers/ad/ad_opts.h +++ b/src/providers/ad/ad_opts.h @@ -36,6 +36,7 @@ struct dp_option ad_basic_opts[] = { { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING}, { "ad_enable_dns_sites", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE }, { "ad_access_filter", DP_OPT_STRING, NULL_STRING, NULL_STRING}, + { "ad_enable_gc", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE }, DP_OPTION_TERMINATOR }; |