Diffstat (limited to 'src/providers/ipa')
-rw-r--r--src/providers/ipa/ipa_common.c24
-rw-r--r--src/providers/ipa/ipa_common.h2
-rw-r--r--src/providers/ipa/ipa_init.c3
3 files changed, 21 insertions, 8 deletions
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index f2de76f3a..00708f676 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
@@ -67,7 +67,8 @@ struct dp_option ipa_def_ldap_opts[] = {
{ "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
{ "ldap_pwd_policy", DP_OPT_STRING, { "none" } , NULL_STRING },
{ "ldap_referrals", DP_OPT_BOOL, BOOL_TRUE, BOOL_TRUE },
- { "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER }
+ { "account_cache_expiration", DP_OPT_NUMBER, { .number = 0 }, NULL_NUMBER },
+ { "ldap_dns_service_name", DP_OPT_STRING, { SSS_LDAP_SRV_NAME }, NULL_STRING }
};
struct sdap_attr_map ipa_attr_map[] = {
@@ -156,12 +157,9 @@ int ipa_get_options(TALLOC_CTX *memctx,
}
}
- /* FIXME: Make non-fatal once we have discovery */
server = dp_opt_get_string(opts->basic, IPA_SERVER);
if (!server) {
- DEBUG(0, ("Can't find ipa server, missing option!\n"));
- ret = EINVAL;
- goto done;
+ DEBUG(1, ("No ipa server set, will use service discovery!\n"));
}
ipa_hostname = dp_opt_get_string(opts->basic, IPA_HOSTNAME);
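Review bot: With `ret = EINVAL; goto done;` removed, `server` can be NULL for the rest of ipa_get_options, which continues outside this hunk, so every later use of it there needs to tolerate NULL. The same holds for `ipa_servers` after the relaxed check in common_ipa_init in ipa_init.c. An omitted or mistyped `ipa_server` now silently changes how the server is chosen, from a fixed name to DNS SRV answers, and it is reported only at debug level 1. I would document that at the check, e.g. `/* ipa_server unset: servers come from DNS SRV lookup, so trust in the server must rest on TLS/Kerberos validation, not on DNS */`, and consider a more visible log message.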
@@ -538,6 +536,10 @@ int ipa_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx,
}
service->krb5_service->realm = realm;
+ if (!servers) {
+ servers = BE_SRV_IDENTIFIER;
+ }
+
/* split server parm into a list */
ret = split_on_separator(tmp_ctx, servers, ',', true, &list, NULL);
if (ret != EOK) {
@@ -550,6 +552,18 @@ int ipa_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx,
talloc_steal(service, list[i]);
+ if (be_fo_is_srv_identifier(list[i])) {
+ ret = be_fo_add_srv_server(ctx, "IPA", "ldap",
+ FO_PROTO_TCP, ctx->domain->name, NULL);
+ if (ret) {
+ DEBUG(0, ("Failed to add server\n"));
+ goto done;
+ }
+
+ DEBUG(6, ("Added service lookup for service IPA\n"));
+ continue;
+ }
+
ret = be_fo_add_server(ctx, "IPA", list[i], 0, NULL);
if (ret && ret != EEXIST) {
DEBUG(0, ("Failed to add server\n"));
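Review bot: The SRV branch passes the literal `"ldap"` to `be_fo_add_srv_server`, although this commit also adds an `ldap_dns_service_name` option defaulting to `SSS_LDAP_SRV_NAME`. If that option is meant to govern this lookup, the call should take the service name from the options so a configured value is not ignored. The branch also fails on any non-zero return (`if (ret)`), while the `be_fo_add_server` call below tolerates `EEXIST`; it is worth confirming what `be_fo_add_srv_server` returns when the SRV identifier appears twice in the list. The lookup domain is `ctx->domain->name`, so a one-line comment such as `/* discovery domain is the SSSD domain name; must match the DNS zone holding the IPA SRV records */` would help. The loop and the rest of ipa_service_init lie outside the hunk.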
diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h
index 2b93659eb..9604cab51 100644
--- a/src/providers/ipa/ipa_common.h
+++ b/src/providers/ipa/ipa_common.h
@@ -35,7 +35,7 @@ struct ipa_service {
/* the following defines are used to keep track of the options in the ldap
* module, so that if they change and ipa is not updated correspondingly
* this will trigger a runtime abort error */
-#define IPA_OPTS_BASIC_TEST 32
+#define IPA_OPTS_BASIC_TEST 33
/* the following define is used to keep track of the options in the krb5
* module, so that if they change and ipa is not updated correspondingly
diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c
index 6cdc54cc3..9292f3ec7 100644
--- a/src/providers/ipa/ipa_init.c
+++ b/src/providers/ipa/ipa_init.c
@@ -72,8 +72,7 @@ int common_ipa_init(struct be_ctx *bectx)
ipa_servers = dp_opt_get_string(ipa_options->basic, IPA_SERVER);
if (!ipa_servers) {
- DEBUG(0, ("Missing ipa_server option!\n"));
- return EINVAL;
+ DEBUG(1, ("Missing ipa_server option - using service discovery!\n"));
}
ipa_domain = dp_opt_get_string(ipa_options->basic, IPA_DOMAIN);