From 20162352030d1c577bb69d44e967d2c5839e5c0e Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 2 Sep 2015 13:41:26 +0200 Subject: IPA: Do not allow the AD lookup code to set backend as offline in server mode MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit https://fedorahosted.org/sssd/ticket/2637 In server mode, we should not allow the AD lookups to set the backend offline. Rather just let them report an error and deal with the error separately. Reviewed-by: Pavel Březina --- src/providers/ipa/ipa_subdomains_id.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'src/providers/ipa/ipa_subdomains_id.c') diff --git a/src/providers/ipa/ipa_subdomains_id.c b/src/providers/ipa/ipa_subdomains_id.c index ad1743ae5..7c609ab6e 100644 --- a/src/providers/ipa/ipa_subdomains_id.c +++ b/src/providers/ipa/ipa_subdomains_id.c @@ -634,6 +634,7 @@ ipa_get_ad_acct_send(TALLOC_CTX *mem_ctx, ret = ENOMEM; goto fail; } + clist[1]->ignore_mark_offline = true; break; default: clist = talloc_zero_array(req, struct sdap_id_conn_ctx *, 2); @@ -642,6 +643,7 @@ ipa_get_ad_acct_send(TALLOC_CTX *mem_ctx, goto fail; } clist[0] = ad_id_ctx->ldap_ctx; + clist[0]->ignore_mark_offline = true; clist[1] = NULL; } @@ -1037,7 +1039,11 @@ ipa_get_ad_acct_ad_part_done(struct tevent_req *subreq) ret = ad_handle_acct_info_recv(subreq, &state->dp_error, NULL); talloc_zfree(subreq); - if (ret != EOK) { + if (ret == ERR_SUBDOM_INACTIVE) { + be_mark_dom_offline(state->obj_dom, be_req_get_be_ctx(state->be_req)); + tevent_req_error(req, ret); + return; + } else if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "AD lookup failed: %d\n", ret); tevent_req_error(req, ret); return; -- cgit