s3-ipasam: Add aliases for trusted domain user

Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Feb 16 12:58:13 CET 2011 on sn-devel-104

1 files changed, 15 insertions, 1 deletions

diff --git a/source3/passdb/pdb_ipa.c b/source3/passdb/pdb_ipa.c
index 3daa06e2a8..3108c5e1f0 100644
--- a/source3/passdb/pdb_ipa.c
+++ b/source3/passdb/pdb_ipa.c
@@ -812,6 +812,8 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
 	NTSTATUS status;
 	int ret;
 	char *princ;
+	const char *domain;
+	char *domain_with_dot;
 
 	dn = get_account_dn(pdb_get_username(sampass));
 	if (dn == NULL) {
@@ -823,6 +825,16 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
 		return NT_STATUS_NO_MEMORY;
 	}
 
+	domain = pdb_get_domain(sampass);
+	if (domain == NULL) {
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
+	domain_with_dot = talloc_asprintf(talloc_tos(), "%s.", domain);
+	if (domain_with_dot == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
 	smbldap_set_mod(&mods, LDAP_MOD_ADD,
 			"objectclass", LDAP_OBJ_KRB_PRINCIPAL);
 	smbldap_set_mod(&mods, LDAP_MOD_ADD,
@@ -832,7 +844,7 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
 	smbldap_set_mod(&mods, LDAP_MOD_ADD,
 			"objectclass", "ipaHost");
 	smbldap_set_mod(&mods, LDAP_MOD_ADD,
-			"fqdn", "dummy.dummy.dummy");
+			"fqdn", domain);
 	smbldap_set_mod(&mods, LDAP_MOD_ADD,
 			"objectclass", "posixAccount");
 	smbldap_set_mod(&mods, LDAP_MOD_ADD,
@@ -841,6 +853,8 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
 			"gidNumber", "12345");
 	smbldap_set_mod(&mods, LDAP_MOD_ADD,
 			"homeDirectory", "/dev/null");
+	smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain);
+	smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain_with_dot);
 
 	ret = smbldap_modify(ldap_state->smbldap_state, dn, mods);
 	ldap_mods_free(mods, true);