From 2c62da337e31217d03f5bf0f768b574d166bb2fe Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 12 Jun 2012 20:29:26 -0400 Subject: LDAP: Auto-detect support for the ldap match rule This patch extends the RootDSE lookup so that we will perform a second request to test whether the match rule syntax can be used. If both groups and initgroups are disabled in the configuration, this lookup request can be skipped. --- src/providers/ldap/sdap.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/providers/ldap/sdap.c') diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index cb02f4a5..325825e2 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -179,8 +179,11 @@ int sdap_parse_entry(TALLOC_CTX *memctx, str = ldap_first_attribute(sh->ldap, sm->msg, &ber); if (!str) { ldap_get_option(sh->ldap, LDAP_OPT_RESULT_CODE, &lerrno); - DEBUG(1, ("Entry has no attributes [%d(%s)]!?\n", - lerrno, sss_ldap_err2string(lerrno))); + DEBUG(lerrno == LDAP_SUCCESS + ? SSSDBG_TRACE_INTERNAL + : SSSDBG_MINOR_FAILURE, + ("Entry has no attributes [%d(%s)]!?\n", + lerrno, sss_ldap_err2string(lerrno))); if (map) { ret = EINVAL; goto done; -- cgit