diff options
author | Sumit Bose <sbose@redhat.com> | 2016-03-10 17:50:13 +0100 |
---|---|---|
committer | Lukas Slebodnik <lslebodn@redhat.com> | 2016-06-09 11:26:40 +0200 |
commit | cc4caf88344210ea9777d618f0f71935ca5e7f8b (patch) | |
tree | 69c4d2e7751fa0e6403f3db9e19aefd10cd23dbd /src/providers/ipa/ipa_subdomains_server.c | |
parent | 06f9759563f4581981046208cce8ebccaa603e01 (diff) | |
download | sssd-cc4caf88344210ea9777d618f0f71935ca5e7f8b.tar.gz sssd-cc4caf88344210ea9777d618f0f71935ca5e7f8b.tar.xz sssd-cc4caf88344210ea9777d618f0f71935ca5e7f8b.zip |
AD: use krb5_keytab for subdomain initialization
During the initialization of AD subdomains parameters like the SASL auth
id are determined. Since subdomains use a default set of the AD specific
configuration options the default keytab will be used. If krb5_keytab is
set in sssd.conf for the AD domain this keytab should be used for the
subdomains (domains of the same AD forest) as well.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers/ipa/ipa_subdomains_server.c')
-rw-r--r-- | src/providers/ipa/ipa_subdomains_server.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/providers/ipa/ipa_subdomains_server.c b/src/providers/ipa/ipa_subdomains_server.c index 33c76cad9..b870d5552 100644 --- a/src/providers/ipa/ipa_subdomains_server.c +++ b/src/providers/ipa/ipa_subdomains_server.c @@ -176,7 +176,8 @@ static struct ad_options *ipa_ad_options_new(struct ipa_id_ctx *id_ctx, ad_options = ad_create_2way_trust_options(id_ctx, id_ctx->server_mode->realm, subdom->name, - id_ctx->server_mode->hostname); + id_ctx->server_mode->hostname, + NULL); } else if (direction & LSA_TRUST_DIRECTION_INBOUND) { ad_options = ipa_create_1way_trust_ctx(id_ctx, forest, forest_realm, subdom); |