diff options
-rw-r--r-- | source3/nsswitch/idmap_ldap.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/source3/nsswitch/idmap_ldap.c b/source3/nsswitch/idmap_ldap.c index 2fb9a17d3f..45d2b344af 100644 --- a/source3/nsswitch/idmap_ldap.c +++ b/source3/nsswitch/idmap_ldap.c @@ -80,11 +80,17 @@ static NTSTATUS get_credentials( TALLOC_CTX *mem_ctx, tmp = lp_parm_const_string(-1, config_option, "ldap_user_dn", NULL); if ( tmp ) { - secret = idmap_fetch_secret("ldap", false, dom->name, tmp); + if (!dom) { + /* only the alloc backend is allowed to pass in a NULL dom */ + secret = idmap_fetch_secret("ldap", true, NULL, tmp); + } else { + secret = idmap_fetch_secret("ldap", false, dom->name, tmp); + } + if (!secret) { DEBUG(0, ("get_credentials: Unable to fetch " "auth credentials for %s in %s\n", - tmp, dom->name)); + tmp, (dom==NULL)?"ALLOC":dom->name)); ret = NT_STATUS_ACCESS_DENIED; goto done; } |