summaryrefslogtreecommitdiffstats
path: root/src/providers/ldap/ldap_id_enum.c
Commit message (Collapse)AuthorAgeFilesLines
* Clean up cache on server reinitializationPavel Březina2012-08-231-4/+2
| | | | | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/734 We successfully detect when the server is reinitialized by testing the new lastUSN value. The maximum USN values are set to zero, but the current cache content remains. This patch removes records that were deleted from the server. It uses the following approach: 1. remove entryUSN attribute from all entries 2. run enumeration 3. remove records that doesn't have entryUSN attribute updated We don't need to do this for sudo rules, they will be refreshed automatically during next smart/full refresh, or when an expired rule is deleted.
* Add support for filtering atributesJan Zeleny2012-05-311-4/+4
| | | | | This patch adds support for filtering attributes when constructing attribute list from a map for LDAP query.
* LDAP: Add attr_count return value to build_attrs_from_map()Stephen Gallagher2012-05-101-2/+2
| | | | | | | This is necessary because in several places in the code, we are appending to the attrs returned from this value, and if we relied on the map size macro, we would be appending after the NULL terminator if one or more attributes were defined as NULL.
* LDAP: Add support for enumeration of ID-mapped users and groupsStephen Gallagher2012-05-031-31/+102
|
* LDAP: Add enumeration support for servicesStephen Gallagher2012-01-311-3/+57
|
* LDAP: Add support for multiple search bases for group enumerationStephen Gallagher2011-11-021-1/+2
|
* LDAP: Add support for multiple search bases for user enumerationStephen Gallagher2011-11-021-1/+2
|
* LDAP: Convert ldap_*_search_filterStephen Gallagher2011-11-021-26/+6
| | | | | | Instead of making this a global option for all user lookups, make it only used if the search base is passed without an explicit filter.
* LDAP: Support multiple group search bases (non-enumeration, RFC2307)Stephen Gallagher2011-11-021-1/+7
|
* LDAP: Support multiple user search bases (non-enumeration)Stephen Gallagher2011-11-021-0/+5
|
* sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny2011-08-151-3/+1
| | | | | The patch also updates code using modified functions. Tests have also been adjusted.
* Fix returning groups when gidNumber attribute is not orderedJakub Hrozek2011-08-041-2/+4
| | | | https://fedorahosted.org/sssd/ticket/951
* Fixed lastUSN checking improvementsJan Zeleny2011-05-041-0/+15
| | | | | | | | This patch fixes some issues with setting lastUSN attribute and it adds check against the highest user/group USN after enumeration to keep better track of the real highest USN. Optimal solution here would be to schedule a check of rootDSE entry right after the enumeration finishes, but for the moment this is good enough.
* Add user and group search LDAP filter optionsJakub Hrozek2011-04-191-6/+26
| | | | https://fedorahosted.org/sssd/ticket/647
* Require existence of username, uid and gid for user enumerationStephen Gallagher2011-03-141-12/+18
| | | | We will ignore users that do not have these three values.
* Require existence of GID number and name in group searchesStephen Gallagher2011-03-141-12/+16
| | | | https://fedorahosted.org/sssd/ticket/824
* Add ldap_search_enumeration_timeout config optionSumit Bose2011-01-171-2/+2
|
* Add timeout parameter to sdap_get_generic_send()Sumit Bose2011-01-171-2/+6
|
* Start first enumeration immediatelyStephen Gallagher2010-12-171-0/+14
| | | | | | | | | | | | | | Previously, we would wait for ten seconds before starting an enumeration. However, this meant that on the first startup (before we had run our first enumeration) there was a ten-second window where clients would immediately get back a response with no entries instead of blocking until the enumeration completed. With this patch, SSSD will now run an enumeration immediately upon startup. Further startups will retain the ten-second delay so as not to slow down system bootups. https://fedorahosted.org/sssd/ticket/616
* ldap: Use USN entries if available.Simo Sorce2010-12-071-26/+25
| | | | Otherwise fallback to the default modifyTimestamp indicator
* Dead assignments cleanup in providers codeJan Zeleny2010-09-081-3/+0
| | | | | | | Dead assignments were deleted. Also prototype of function sdap_access_decide_offline() has been changed, since its return code was never used. Ticket: #586
* Use new LDAP connection framework for LDAP user and group enumeration.eindenbom2010-07-091-236/+131
|
* Properly check that the timeout event was created for cleanup/enumStephen Gallagher2010-06-101-1/+23
| | | | | | | | | We need to make sure that if we didn't create the timeout, that we cancel the request so there's no chance of ending up with two enumerations/cleanups running simultaneously. We'll attempt to reschedule later, if possible. https://fedorahosted.org/sssd/ticket/524
* Fix segfault in GSSAPI reconnect codeStephen Gallagher2010-05-071-2/+6
| | | | | Also clean up some duplicated code into a single common routine sdap_account_info_common_done()
* Better handle sdap_handle memory from callers.Simo Sorce2010-05-031-16/+95
| | | | | | | | | | | | | Always just mark the sdap_handle as not connected and let later _send() functions to take care of freeing the handle before reconnecting. Introduce restart functions to avoid calling _send() functions in _done() functions error paths as this would have the same effect as directly freeing the sdap_handle and cause access to freed memory in sdap_handle_release() By freeing sdap_handle only in the connection _recv() function we guarantee it can never be done within sdap_handle_release() but only in a following event.
* Rename server/ directory to src/Stephen Gallagher2010-02-181-0/+608
Also update BUILD.txt
generated by cgit (git 2.34.1) at 2024-05-03 13:57:19 +0000