66 lines
2.8 KiB
Diff
66 lines
2.8 KiB
Diff
From 2bf32678c96304d04e69813fd6d317d981ad2c41 Mon Sep 17 00:00:00 2001
|
|
From: Lukas Slebodnik <lslebodn@redhat.com>
|
|
Date: Tue, 28 Apr 2015 20:26:47 +0200
|
|
Subject: [PATCH 76/99] SDAP: Fix id mapping with disabled subdomains
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
If subdomains are disabled "subdomain_provider = none"
|
|
then auto-discovery discovery of domain SID is disabled.
|
|
It is possible to configure options ldap_idmap_default_domain{,_sid}
|
|
and id mapping should work.
|
|
|
|
However value of option ldap_idmap_default_domain_sid was not assigned to
|
|
sss_domain_info for main domain. It was only used for initialisation of
|
|
sdap_idmap_ctx. As a result of this bug posix attributes were used in
|
|
ldap filter and id mapping worked just for users with posix attributes.
|
|
|
|
[be_get_account_info] (0x0100): Got request for [0x1001][1][name=user]
|
|
[be_req_set_domain] (0x0400):
|
|
Changing request domain from [EXAMPLE.TEST] to [EXAMPLE.TEST]
|
|
[sdap_idmap_domain_has_algorithmic_mapping] (0x0080):
|
|
Could not parse domain SID from [(null)]
|
|
[sdap_idmap_domain_has_algorithmic_mapping] (0x0080):
|
|
Could not parse domain SID from [(null)]
|
|
[sdap_search_user_next_base] (0x0400):
|
|
Searching for users with base [DC=EXAMPLE,DC=TEST]
|
|
[sdap_get_generic_ext_step] (0x0400):
|
|
calling ldap_search_ext with
|
|
[(&(sAMAccountName=hdpadmin)(objectclass=user)
|
|
(sAMAccountName=*)(&(uidNumber=*)(!(uidNumber=0))))]
|
|
[DC=EXAMPLE,DC=TEST].
|
|
[sdap_search_user_process] (0x0400): Search for users, returned 0 results.
|
|
[sdap_get_users_done] (0x0040): Failed to retrieve users
|
|
|
|
Resolves:
|
|
https://fedorahosted.org/sssd/ticket/2635
|
|
|
|
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
(cherry picked from commit 21687d1d553579e81aa43bfa20f2e70fb39e8461)
|
|
---
|
|
src/providers/ldap/sdap_idmap.c | 7 +++++++
|
|
1 file changed, 7 insertions(+)
|
|
|
|
diff --git a/src/providers/ldap/sdap_idmap.c b/src/providers/ldap/sdap_idmap.c
|
|
index 0a82e61f788b663e564d68c5d48bb705a33584eb..dd959b2c133b342f105f76c26c889d678ce40391 100644
|
|
--- a/src/providers/ldap/sdap_idmap.c
|
|
+++ b/src/providers/ldap/sdap_idmap.c
|
|
@@ -288,6 +288,13 @@ sdap_idmap_init(TALLOC_CTX *mem_ctx,
|
|
|
|
sid_str = dp_opt_get_string(idmap_ctx->id_ctx->opts->basic, SDAP_IDMAP_DEFAULT_DOMAIN_SID);
|
|
if (sid_str) {
|
|
+ struct sss_domain_info *domain = idmap_ctx->id_ctx->be->domain;
|
|
+ domain->domain_id = talloc_strdup(domain, sid_str);
|
|
+ if (domain->domain_id == NULL) {
|
|
+ ret = ENOMEM;
|
|
+ goto done;
|
|
+ }
|
|
+
|
|
/* Set the default domain as slice 0 */
|
|
ret = sdap_idmap_add_domain(idmap_ctx, dom_name,
|
|
sid_str, 0);
|
|
--
|
|
2.4.0
|
|
|