4 files changed, 32 insertions, 29 deletions
diff --git a/src/providers/ad/ad_id.c b/src/providers/ad/ad_id.c
index ab3934727..d8ea26875 100644
--- a/src/providers/ad/ad_id.c
+++ b/src/providers/ad/ad_id.c
@@ -350,6 +350,11 @@ ad_account_info_handler(struct be_req *be_req)
         return be_req_terminate(be_req, DP_ERR_OFFLINE, EAGAIN, "Offline");
     }
 
+    if (sdap_is_enum_request(ar)) {
+        DEBUG(SSSDBG_TRACE_LIBS, "Skipping enumeration on demand\n");
+        return sdap_handler_done(be_req, DP_ERR_OK, EOK, "Success");
+    }
+
     /* Try to shortcut if this is ID or SID search and it belongs to
      * other domain range than is in ar->domain. */
     shortcut = ad_account_can_shortcut(be_ctx, sdap_id_ctx->opts->idmap_ctx,
diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ipa_id.c
index e3a7fffc3..1dcb82d66 100644
--- a/src/providers/ipa/ipa_id.c
+++ b/src/providers/ipa/ipa_id.c
@@ -89,6 +89,11 @@ void ipa_account_info_handler(struct be_req *breq)
 
     ar = talloc_get_type(be_req_get_data(breq), struct be_acct_req);
 
+    if (sdap_is_enum_request(ar)) {
+        DEBUG(SSSDBG_TRACE_LIBS, "Skipping enumeration on demand\n");
+        return sdap_handler_done(breq, DP_ERR_OK, EOK, "Success");
+    }
+
     if (strcasecmp(ar->domain, be_ctx->domain->name) != 0) {
         /* if domain names do not match, this is a subdomain case
          * subdomain lookups are handled differently on the server
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index 57ad1b845..c142af345 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -102,6 +102,9 @@ int sdap_id_setup_tasks(struct be_ctx *be_ctx,
                         be_ptask_recv_t recv_fn,
                         void *pvt);
 
+/* Allow shortcutting an enumeration request */
+bool sdap_is_enum_request(struct be_acct_req *ar);
+
 struct tevent_req *
 sdap_handle_acct_req_send(TALLOC_CTX *mem_ctx,
                           struct be_ctx *be_ctx,
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c
index 724990653..8ccb36092 100644
--- a/src/providers/ldap/ldap_id.c
+++ b/src/providers/ldap/ldap_id.c
@@ -1358,6 +1358,20 @@ void sdap_account_info_handler(struct be_req *breq)
     return sdap_handle_account_info(breq, ctx, ctx->conn);
 }
 
+bool sdap_is_enum_request(struct be_acct_req *ar)
+{
+    switch (ar->entry_type & BE_REQ_TYPE_MASK) {
+    case BE_REQ_USER:
+    case BE_REQ_GROUP:
+    case BE_REQ_SERVICES:
+        if (ar->filter_type == BE_FILTER_ENUM) {
+            return true;
+        }
+    }
+
+    return false;
+}
+
 /* A generic LDAP account info handler */
 struct sdap_handle_acct_req_state {
     struct be_acct_req *ar;
@@ -1398,16 +1412,6 @@ sdap_handle_acct_req_send(TALLOC_CTX *mem_ctx,
 
     switch (ar->entry_type & BE_REQ_TYPE_MASK) {
     case BE_REQ_USER: /* user */
-
-        /* skip enumerations on demand */
-        if (ar->filter_type == BE_FILTER_ENUM) {
-            DEBUG(SSSDBG_TRACE_LIBS,
-                  "Skipping user enumeration on demand\n");
-            state->err = "Success";
-            ret = EOK;
-            goto done;
-        }
-
         subreq = users_get_send(state, be_ctx->ev, id_ctx,
                                 sdom, conn,
                                 ar->filter_value,
@@ -1418,16 +1422,6 @@ sdap_handle_acct_req_send(TALLOC_CTX *mem_ctx,
         break;
 
     case BE_REQ_GROUP: /* group */
-
-        /* skip enumerations on demand */
-        if (ar->filter_type == BE_FILTER_ENUM) {
-            DEBUG(SSSDBG_TRACE_LIBS,
-                  "Skipping group enumeration on demand\n");
-            state->err = "Success";
-            ret = EOK;
-            goto done;
-        }
-
         subreq = groups_get_send(state, be_ctx->ev, id_ctx,
                                  sdom, conn,
                                  ar->filter_value,
@@ -1472,15 +1466,6 @@ sdap_handle_acct_req_send(TALLOC_CTX *mem_ctx,
         break;
 
     case BE_REQ_SERVICES:
-        /* skip enumerations on demand */
-        if (ar->filter_type == BE_FILTER_ENUM) {
-            DEBUG(SSSDBG_TRACE_LIBS,
-                  "Skipping service enumeration on demand\n");
-            state->err = "Success";
-            ret = EOK;
-            goto done;
-        }
-
         if (ar->filter_type == BE_FILTER_SECID
                 || ar->filter_type == BE_FILTER_UUID) {
             ret = EINVAL;
@@ -1666,6 +1651,11 @@ void sdap_handle_account_info(struct be_req *breq, struct sdap_id_ctx *ctx,
                                  EINVAL, "Invalid private data");
     }
 
+    if (sdap_is_enum_request(ar)) {
+        DEBUG(SSSDBG_TRACE_LIBS, "Skipping enumeration on demand\n");
+        return sdap_handler_done(breq, DP_ERR_OK, EOK, "Success");
+    }
+
     req = sdap_handle_acct_req_send(breq, ctx->be, ar, ctx,
                                     ctx->opts->sdom, conn, true);
     if (req == NULL) {