diff options
| author | Sumit Bose <sbose@redhat.com> | 2016-10-18 18:18:44 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-10-31 12:38:58 +0100 |
| commit | 25699846bd1c9f8bb513b6271eb4366ab682fbd2 (patch) | |
| tree | a82e09018226714430c03f798f9649f69eac06ff /src/db | |
| parent | 49d3f0a487d55571b2bdc9d3f8280b304b964b9d (diff) | |
| download | sssd-25699846bd1c9f8bb513b6271eb4366ab682fbd2.tar.gz sssd-25699846bd1c9f8bb513b6271eb4366ab682fbd2.tar.xz sssd-25699846bd1c9f8bb513b6271eb4366ab682fbd2.zip | |
LDAP/AD: resolve domain local groups for remote users
If a user from a trusted domain in the same forest is a direct or
indirect member of domain local groups from the local domain those
memberships must be resolved as well. Since those domain local groups
are not valid in the trusted domain a DC from the trusted domain which
is used to lookup the user data is not aware of them. As a consequence
those memberships must be resolved against a local DC in a second step.
Resolves https://fedorahosted.org/sssd/ticket/3206
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/db')
| -rw-r--r-- | src/db/sysdb.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index f5d3ddb84..901268390 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -225,6 +225,7 @@ SYSDB_OVERRIDE_OBJECT_DN, \ SYSDB_DEFAULT_OVERRIDE_NAME, \ SYSDB_UUID, \ + SYSDB_ORIG_DN, \ NULL} #define SYSDB_GRSRC_ATTRS {SYSDB_NAME, SYSDB_GIDNUM, \ |