diff options
| author | Pavel Březina <pbrezina@redhat.com> | 2016-01-05 13:20:14 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-01-11 11:14:17 +0100 |
| commit | a1c6869c67fcf4971ac843315b97bf46893ca92d (patch) | |
| tree | a91c6c7a7808590909ce8961d5ddcd764150efb3 /src | |
| parent | b978d3e423c18d5697e6c1398c07e444e6f98e3f (diff) | |
| download | sssd-a1c6869c67fcf4971ac843315b97bf46893ca92d.tar.gz sssd-a1c6869c67fcf4971ac843315b97bf46893ca92d.tar.xz sssd-a1c6869c67fcf4971ac843315b97bf46893ca92d.zip | |
AD SRV: prefer site-local DCs in LDAP ping
Resolves:
https://fedorahosted.org/sssd/ticket/2765
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/providers/ad/ad_srv.c | 40 |
1 files changed, 30 insertions, 10 deletions
diff --git a/src/providers/ad/ad_srv.c b/src/providers/ad/ad_srv.c index 123aac6a4..e71927252 100644 --- a/src/providers/ad/ad_srv.c +++ b/src/providers/ad/ad_srv.c @@ -118,7 +118,8 @@ static void ad_get_dc_servers_done(struct tevent_req *subreq); static struct tevent_req *ad_get_dc_servers_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct resolv_ctx *resolv_ctx, - const char *domain) + const char *discovery_domain, + const char *site) { struct ad_get_dc_servers_state *state = NULL; struct tevent_req *req = NULL; @@ -133,20 +134,38 @@ static struct tevent_req *ad_get_dc_servers_send(TALLOC_CTX *mem_ctx, return NULL; } - domains = talloc_zero_array(state, const char *, 2); + domains = talloc_zero_array(state, const char *, 3); if (domains == NULL) { ret = ENOMEM; goto immediately; } - domains[0] = talloc_strdup(domains, domain); - if (domains[0] == NULL) { - ret = ENOMEM; - goto immediately; - } + if (site == NULL) { + DEBUG(SSSDBG_TRACE_FUNC, "Looking up domain controllers in domain " + "%s\n", discovery_domain); - DEBUG(SSSDBG_TRACE_FUNC, "Looking up domain controllers in domain %s\n", - domain); + domains[0] = talloc_strdup(domains, discovery_domain); + if (domains[0] == NULL) { + ret = ENOMEM; + goto immediately; + } + } else { + DEBUG(SSSDBG_TRACE_FUNC, "Looking up domain controllers in domain " + "%s and site %s\n", discovery_domain, site); + + domains[0] = talloc_asprintf(state, AD_SITE_DOMAIN_FMT, + site, discovery_domain); + if (domains[0] == NULL) { + ret = ENOMEM; + goto immediately; + } + + domains[1] = talloc_strdup(domains, discovery_domain); + if (domains[1] == NULL) { + ret = ENOMEM; + goto immediately; + } + } subreq = fo_discover_srv_send(state, ev, resolv_ctx, "ldap", FO_PROTO_TCP, domains); @@ -692,7 +711,8 @@ struct tevent_req *ad_srv_plugin_send(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_TRACE_FUNC, "About to find domain controllers\n"); subreq = ad_get_dc_servers_send(state, ev, ctx->be_res->resolv, - state->discovery_domain); + state->discovery_domain, + state->ctx->ad_site_override); if (subreq == NULL) { ret = ENOMEM; goto immediately; |