From 0fafb51756913e78dbf523a69fc3a4ef2bac54ec Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Wed, 27 Aug 2014 17:21:26 +0200
Subject: LDAP: Fall back to functional level of Windows Server 2003
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The newest functional level we branch for is currently
DS_BEHAVIOR_WIN2003. Therefore (and also because extended support for
Windows server 2003 ends in 2015) we can safely set the functional level
to 2003 if the attribute is present but not a known value.

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
---
 src/providers/ldap/sdap.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index 56faf5123..f2178dd0a 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -1196,7 +1196,8 @@ int sdap_get_server_opts_from_rootdse(TALLOC_CTX *memctx,
             default:
                 DEBUG(SSSDBG_MINOR_FAILURE,
                       "Received invalid value for AD compatibility level. "
-                       "Continuing without AD performance enhancements\n");
+                      "Using the lowest-common compatibility level\n");
+                opts->dc_functional_level = DS_BEHAVIOR_WIN2003;
             }
         } else if (ret != ENOENT) {
             DEBUG(SSSDBG_MINOR_FAILURE,
-- 
cgit