summaryrefslogtreecommitdiffstats
path: root/src/providers/ldap/sdap.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/providers/ldap/sdap.c')
-rw-r--r--src/providers/ldap/sdap.c30
1 files changed, 30 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index 11ba9cf34..5c4a00557 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -903,6 +903,7 @@ int sdap_get_server_opts_from_rootdse(TALLOC_CTX *memctx,
char *endptr = NULL;
int ret;
int i;
+ uint32_t dc_level;
so = talloc_zero(memctx, struct sdap_server_opts);
if (!so) {
@@ -974,6 +975,35 @@ int sdap_get_server_opts_from_rootdse(TALLOC_CTX *memctx,
}
}
}
+
+ /* Detect Active Directory version if available */
+ ret = sysdb_attrs_get_uint32_t(rootdse,
+ SDAP_ROOTDSE_ATTR_AD_VERSION,
+ &dc_level);
+ if (ret == EOK) {
+ /* Validate that the DC level matches an expected value */
+ switch(dc_level) {
+ case DS_BEHAVIOR_WIN2000:
+ case DS_BEHAVIOR_WIN2003:
+ case DS_BEHAVIOR_WIN2008:
+ case DS_BEHAVIOR_WIN2008R2:
+ case DS_BEHAVIOR_WIN2012:
+ opts->dc_functional_level = dc_level;
+ DEBUG(SSSDBG_CONF_SETTINGS,
+ ("Setting AD compatibility level to [%d]\n",
+ opts->dc_functional_level));
+ break;
+ default:
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Received invalid value for AD compatibility level. "
+ "Continuing without AD performance enhancements\n"));
+ }
+ } else if (ret != ENOENT) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Error detecting Active Directory compatibility level "
+ "(%s). Continuing without AD performance enhancements\n",
+ strerror(ret)));
+ }
}
if (!last_usn_name) {
generated by cgit (git 2.34.1) at 2024-05-08 16:15:48 +0000