Add alternative objectClass to group attribute maps

In IPA we sometimes need to use posixGroup and
sometimes groupOfNames objectclass to query the
groups. This patch adds the possibility to specify
alternative objectclass in group maps. By
default it is only set for IPA.

Fixes:
https://fedorahosted.org/sssd/ticket/2436

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

4 files changed, 7 insertions, 1 deletions

diff --git a/src/providers/ad/ad_opts.h b/src/providers/ad/ad_opts.h
index 1429b990..452516cd 100644
--- a/src/providers/ad/ad_opts.h
+++ b/src/providers/ad/ad_opts.h
@@ -215,6 +215,7 @@ struct sdap_attr_map ad_2008r2_user_map[] = {
 
 struct sdap_attr_map ad_2008r2_group_map[] = {
     { "ldap_group_object_class", "group", SYSDB_GROUP_CLASS, NULL },
+    { "ldap_group_object_class_alt", NULL, SYSDB_GROUP_CLASS, NULL },
     { "ldap_group_name", "name", SYSDB_NAME, NULL },
     { "ldap_group_pwd", NULL, SYSDB_PWD, NULL },
     { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
index 73decc75..30cb96b3 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.h
@@ -204,7 +204,8 @@ struct sdap_attr_map ipa_user_map[] = {
 };
 
 struct sdap_attr_map ipa_group_map[] = {
-    { "ldap_group_object_class", "groupofnames", SYSDB_GROUP_CLASS, NULL },
+    { "ldap_group_object_class", "groupOfNames", SYSDB_GROUP_CLASS, NULL },
+    { "ldap_group_object_class_alt", "posixGroup", SYSDB_GROUP_CLASS, NULL },
     { "ldap_group_name", "cn", SYSDB_NAME, NULL },
     { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
     { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h
index 7c3b4e01..0a33289f 100644
--- a/src/providers/ldap/ldap_opts.h
+++ b/src/providers/ldap/ldap_opts.h
@@ -183,6 +183,7 @@ struct sdap_attr_map rfc2307_user_map[] = {
 
 struct sdap_attr_map rfc2307_group_map[] = {
     { "ldap_group_object_class", "posixGroup", SYSDB_GROUP_CLASS, NULL },
+    { "ldap_group_object_class_alt", NULL, SYSDB_GROUP_CLASS, NULL },
     { "ldap_group_name", "cn", SYSDB_NAME, NULL },
     { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
     { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
@@ -234,6 +235,7 @@ struct sdap_attr_map rfc2307bis_user_map[] = {
 
 struct sdap_attr_map rfc2307bis_group_map[] = {
     { "ldap_group_object_class", "posixGroup", SYSDB_GROUP_CLASS, NULL },
+    { "ldap_group_object_class_alt", NULL, SYSDB_GROUP_CLASS, NULL },
     { "ldap_group_name", "cn", SYSDB_NAME, NULL },
     { "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
     { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
@@ -285,6 +287,7 @@ struct sdap_attr_map gen_ad2008r2_user_map[] = {
 
 struct sdap_attr_map gen_ad2008r2_group_map[] = {
     { "ldap_group_object_class", "group", SYSDB_GROUP_CLASS, NULL },
+    { "ldap_group_object_class_alt", NULL, SYSDB_GROUP_CLASS, NULL },
     { "ldap_group_name", "name", SYSDB_NAME, NULL },
     { "ldap_group_pwd", NULL, SYSDB_PWD, NULL },
     { "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index 41063149..937869d1 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -291,6 +291,7 @@ enum sdap_user_attrs {
  * Functions depend on this */
 enum sdap_group_attrs {
     SDAP_OC_GROUP = 0,
+    SDAP_OC_GROUP_ALT,
     SDAP_AT_GROUP_NAME,
     SDAP_AT_GROUP_PWD,
     SDAP_AT_GROUP_GID,