From ee633d9fe3b48a88387edab7978bb16422525d21 Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Sat, 24 Oct 2009 12:27:42 -0400
Subject: Add proper support for IPA/AD schemas

Nested groups weren't properly handled.
Add 2 pass strategy to update groups memberships
Stuff work as expected when enumeration is enabled now.
---
 server/providers/ldap/ldap_common.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'server/providers/ldap/ldap_common.c')

diff --git a/server/providers/ldap/ldap_common.c b/server/providers/ldap/ldap_common.c
index b03e58fcc..bb836c1ee 100644
--- a/server/providers/ldap/ldap_common.c
+++ b/server/providers/ldap/ldap_common.c
@@ -162,6 +162,16 @@ int ldap_get_options(TALLOC_CTX *memctx,
         opts->schema_type = SDAP_SCHEMA_RFC2307BIS;
         default_user_map = rfc2307bis_user_map;
         default_group_map = rfc2307bis_group_map;
+    } else
+    if (strcasecmp(schema, "IPA") == 0) {
+        opts->schema_type = SDAP_SCHEMA_IPA_V1;
+        default_user_map = rfc2307bis_user_map;
+        default_group_map = rfc2307bis_group_map;
+    } else
+    if (strcasecmp(schema, "AD") == 0) {
+        opts->schema_type = SDAP_SCHEMA_AD;
+        default_user_map = rfc2307bis_user_map;
+        default_group_map = rfc2307bis_group_map;
     } else {
         DEBUG(0, ("Unrecognized schema type: %s\n", schema));
         ret = EINVAL;
-- 
cgit