From d38cd6a211d3b68036ceb7bc875f832433afd035 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 11 Apr 2012 21:06:36 -0400 Subject: LDAP: Add id-mapping option --- src/config/SSSDConfig.py | 1 + src/config/etc/sssd.api.d/sssd-ipa.conf | 1 + src/config/etc/sssd.api.d/sssd-ldap.conf | 1 + src/providers/ipa/ipa_opts.h | 1 + src/providers/ldap/ldap_opts.h | 1 + src/providers/ldap/sdap.h | 1 + 6 files changed, 6 insertions(+) diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py index ddad2765..46ca838e 100644 --- a/src/config/SSSDConfig.py +++ b/src/config/SSSDConfig.py @@ -193,6 +193,7 @@ option_strings = { 'ldap_enumeration_refresh_timeout' : _('Length of time between enumeration updates'), 'ldap_purge_cache_timeout' : _('Length of time between cache cleanups'), 'ldap_id_use_start_tls' : _('Require TLS for ID lookups'), + 'ldap_id_mapping' : _('Use ID-mapping of objectSID instead of pre-set IDs'), 'ldap_user_search_base' : _('Base DN for user lookups'), 'ldap_user_search_scope' : _('Scope of user lookups'), 'ldap_user_search_filter' : _('Filter for user lookups'), diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index 7e3d3ff7..162dab57 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -49,6 +49,7 @@ ldap_search_timeout = int, None, false ldap_enumeration_refresh_timeout = int, None, false ldap_purge_cache_timeout = int, None, false ldap_id_use_start_tls = bool, None, false +ldap_id_mapping = bool, None, false ldap_user_search_base = str, None, false ldap_user_search_scope = str, None, false ldap_user_search_filter = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index df602784..766216f6 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -41,6 +41,7 @@ ldap_enumeration_search_timeout = int, None, false ldap_enumeration_refresh_timeout = int, None, false ldap_purge_cache_timeout = int, None, false ldap_id_use_start_tls = bool, None, false +ldap_id_mapping = bool, None, false ldap_user_search_base = str, None, false ldap_user_search_scope = str, None, false ldap_user_search_filter = str, None, false diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h index 48c839de..75ce632e 100644 --- a/src/providers/ipa/ipa_opts.h +++ b/src/providers/ipa/ipa_opts.h @@ -79,6 +79,7 @@ struct dp_option ipa_def_ldap_opts[] = { { "ldap_tls_key", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_tls_cipher_suite", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_id_use_start_tls", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, + { "ldap_id_mapping", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, { "ldap_sasl_mech", DP_OPT_STRING, { "GSSAPI" } , NULL_STRING }, { "ldap_sasl_authid", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_sasl_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING }, diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h index a609aca9..1f9ca57a 100644 --- a/src/providers/ldap/ldap_opts.h +++ b/src/providers/ldap/ldap_opts.h @@ -61,6 +61,7 @@ struct dp_option default_basic_opts[] = { { "ldap_tls_key", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_tls_cipher_suite", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_id_use_start_tls", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, + { "ldap_id_mapping", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }, { "ldap_sasl_mech", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_sasl_authid", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_sasl_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING }, diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h index 5109ea86..9ef88004 100644 --- a/src/providers/ldap/sdap.h +++ b/src/providers/ldap/sdap.h @@ -180,6 +180,7 @@ enum sdap_basic_opt { SDAP_TLS_KEY, SDAP_TLS_CIPHER_SUITE, SDAP_ID_TLS, + SDAP_ID_MAPPING, SDAP_SASL_MECH, SDAP_SASL_AUTHID, SDAP_SASL_REALM, -- cgit