Require existence of GID number and name in group searches

https://fedorahosted.org/sssd/ticket/824
author: Stephen Gallagher <sgallagh@redhat.com> 2011-03-11 05:06:48 -0500
committer: Stephen Gallagher <sgallagh@redhat.com> 2011-03-14 15:42:19 -0400
commit: 0febc32cf0b544361aa094d2f1dc767191bd8118 (patch)
tree: f2ca656c53813079571a9c0f75e03e119d541565 /src/providers/ldap/ldap_id_enum.c
parent: bb281be59d157ce6f22a9dc6f4431f7b5bc06656 (diff)
download: sssd_unused-0febc32cf0b544361aa094d2f1dc767191bd8118.tar.gz
sssd_unused-0febc32cf0b544361aa094d2f1dc767191bd8118.tar.xz
sssd_unused-0febc32cf0b544361aa094d2f1dc767191bd8118.zip
1 files changed, 16 insertions, 12 deletions
diff --git a/src/providers/ldap/ldap_id_enum.c b/src/providers/ldap/ldap_id_enum.c
index f47ee9fb..42c29119 100644
--- a/src/providers/ldap/ldap_id_enum.c
+++ b/src/providers/ldap/ldap_id_enum.c
@@ -546,19 +546,23 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx,
     state->op = op;
 
     if (ctx->srv_opts && ctx->srv_opts->max_group_value && !purge) {
-        state->filter = talloc_asprintf(state,
-                              "(&(%s=*)(objectclass=%s)(%s>=%s)(!(%s=%s)))",
-                              ctx->opts->group_map[SDAP_AT_GROUP_NAME].name,
-                              ctx->opts->group_map[SDAP_OC_GROUP].name,
-                              ctx->opts->group_map[SDAP_AT_GROUP_USN].name,
-                              ctx->srv_opts->max_group_value,
-                              ctx->opts->group_map[SDAP_AT_GROUP_USN].name,
-                              ctx->srv_opts->max_group_value);
+        state->filter = talloc_asprintf(
+                state,
+                "(&(objectclass=%s)(%s=*)(%s=*)(%s>=%s)(!(%s=%s)))",
+                ctx->opts->group_map[SDAP_OC_GROUP].name,
+                ctx->opts->group_map[SDAP_AT_GROUP_NAME].name,
+                ctx->opts->group_map[SDAP_AT_GROUP_GID].name,
+                ctx->opts->group_map[SDAP_AT_GROUP_USN].name,
+                ctx->srv_opts->max_group_value,
+                ctx->opts->group_map[SDAP_AT_GROUP_USN].name,
+                ctx->srv_opts->max_group_value);
     } else {
-        state->filter = talloc_asprintf(state,
-                              "(&(%s=*)(objectclass=%s))",
-                              ctx->opts->group_map[SDAP_AT_GROUP_NAME].name,
-                              ctx->opts->group_map[SDAP_OC_GROUP].name);
+        state->filter = talloc_asprintf(
+                state,
+                "(&(objectclass=%s)(%s=*)(%s=*))",
+                ctx->opts->group_map[SDAP_OC_GROUP].name,
+                ctx->opts->group_map[SDAP_AT_GROUP_NAME].name,
+                ctx->opts->group_map[SDAP_AT_GROUP_GID].name);
     }
     if (!state->filter) {
         DEBUG(2, ("Failed to build filter\n"));
author	Stephen Gallagher <sgallagh@redhat.com>	2011-03-11 05:06:48 -0500
committer	Stephen Gallagher <sgallagh@redhat.com>	2011-03-14 15:42:19 -0400
commit	0febc32cf0b544361aa094d2f1dc767191bd8118 (patch)
tree	f2ca656c53813079571a9c0f75e03e119d541565 /src/providers/ldap/ldap_id_enum.c
parent	bb281be59d157ce6f22a9dc6f4431f7b5bc06656 (diff)
download	sssd_unused-0febc32cf0b544361aa094d2f1dc767191bd8118.tar.gz sssd_unused-0febc32cf0b544361aa094d2f1dc767191bd8118.tar.xz sssd_unused-0febc32cf0b544361aa094d2f1dc767191bd8118.zip