From 6f96c60b9da622d7acb6702e522864e923936866 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <preichl@redhat.com>
Date: Wed, 16 Jul 2014 13:52:43 +0100
Subject: IPA: process non-posix nested groups

Do not expect objectClass to be posixGroup but rather more general
groupofnames.

Resolves:
https://fedorahosted.org/sssd/ticket/2343
---
 src/providers/ipa/ipa_opts.h               | 2 +-
 src/providers/ldap/sdap_async_initgroups.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
index 0c3a6f55e..5bd7e6dd4 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.h
@@ -202,7 +202,7 @@ struct sdap_attr_map ipa_user_map[] = {
 };
 
 struct sdap_attr_map ipa_group_map[] = {
-    { "ldap_group_object_class", "posixGroup", SYSDB_GROUP_CLASS, NULL },
+    { "ldap_group_object_class", "groupofnames", SYSDB_GROUP_CLASS, NULL },
     { "ldap_group_name", "cn", SYSDB_NAME, NULL },
     { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
     { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
index 712811f83..d3d09cdb2 100644
--- a/src/providers/ldap/sdap_async_initgroups.c
+++ b/src/providers/ldap/sdap_async_initgroups.c
@@ -962,7 +962,7 @@ static void sdap_initgr_nested_search(struct tevent_req *subreq)
     } else {
         DEBUG(SSSDBG_OP_FAILURE,
               "Search for group %s, returned %zu results. Skipping\n",
-               state->group_dns[state->cur], count);
+              state->group_dns[state->cur], count);
     }
 
     state->cur++;
-- 
cgit