summaryrefslogtreecommitdiff
path: root/src/confdb
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2013-07-12 15:19:02 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-07-19 13:47:05 +0200
commit52ae806bd17c3c00d70bd1aed437f10f5ae51a1c (patch)
treee96db99e43762ded9201f9c0e1f7bef44a01fe10 /src/confdb
parentb4486ce81fefae716549959eaa82612dac63cbe5 (diff)
downloadsssd-52ae806bd17c3c00d70bd1aed437f10f5ae51a1c.tar.gz
sssd-52ae806bd17c3c00d70bd1aed437f10f5ae51a1c.tar.bz2
sssd-52ae806bd17c3c00d70bd1aed437f10f5ae51a1c.zip
IPA: warn if full_name_format is customized in server mode
https://fedorahosted.org/sssd/ticket/2009 If the IPA server mode is on and the SSSD is running on the IPA server, then the server's extdom plugin calls getpwnam_r to read info about trusted users from the AD server and return them to the clients that called the extended operation. The SSSD returns the subdomain users fully-qualified, ie "user@domain" by default. The format of the fully qualified name is configurable. However, the extdom plugin returns the user name without the domain component. With this patch, when ipa_server_mode is on, warn if the full_name_format is set to a non-default value. That would prompt the admin to change the format if he changed it to something exotic.
Diffstat (limited to 'src/confdb')
-rw-r--r--src/confdb/confdb.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index 01eade2b..3e88b78f 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -71,6 +71,8 @@
/* Both monitor and domains */
#define CONFDB_NAME_REGEX "re_expression"
#define CONFDB_FULL_NAME_FORMAT "full_name_format"
+#define CONFDB_DEFAULT_FULL_NAME_FORMAT "%1$s@%2$s%3$s"
+#define CONFDB_DEFAULT_FULL_NAME_FORMAT_OLD "%1$s@%2$s"
/* Responders */
#define CONFDB_RESPONDER_GET_DOMAINS_TIMEOUT "get_domains_timeout"