From 8c41a21bc98eec99a16258c7b4d79f456d85f856 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Fri, 24 Jan 2014 17:03:27 +0100
Subject: LDAP: store group if subdomain cannot be found by sid

Domain needn't contain sid if id_provider is ldap.
With enabled id mapping, group couldn't be stored, because domain
couldn't be found by sid.

Resolves:
https://fedorahosted.org/sssd/ticket/2172
---
 src/providers/ldap/sdap_async_groups.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
index f203bc962..1e0d7f69e 100644
--- a/src/providers/ldap/sdap_async_groups.c
+++ b/src/providers/ldap/sdap_async_groups.c
@@ -450,6 +450,7 @@ static int sdap_save_group(TALLOC_CTX *memctx,
     bool posix_group;
     bool use_id_mapping;
     char *sid_str;
+    struct sss_domain_info *subdomain;
     int32_t ad_group_type;
 
     tmpctx = talloc_new(NULL);
@@ -488,11 +489,12 @@ static int sdap_save_group(TALLOC_CTX *memctx,
     /* If this object has a SID available, we will determine the correct
      * domain by its SID. */
     if (sid_str != NULL) {
-        dom = find_subdomain_by_sid(get_domains_head(dom), sid_str);
-        if (dom == NULL) {
-            DEBUG(SSSDBG_OP_FAILURE, ("SID %s does not belong to any known "
+        subdomain = find_subdomain_by_sid(get_domains_head(dom), sid_str);
+        if (subdomain) {
+            dom = subdomain;
+        } else {
+            DEBUG(SSSDBG_TRACE_FUNC, ("SID %s does not belong to any known "
                                       "domain\n", sid_str));
-            return ERR_DOMAIN_NOT_FOUND;
         }
     }
 
-- 
cgit