diff options
| author | Sumit Bose <sbose@redhat.com> | 2013-06-12 15:47:26 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-06-28 20:20:59 +0200 |
| commit | b56b06e199f15a8a840b36bc7cb8010e39ae761d (patch) | |
| tree | 214e4533ce5b8def6543645279325ee84864380b /src/providers/ldap/ldap_id.c | |
| parent | b2c7b6fe7a6b9ef3af8d4d3037fe83d6e9bfd6a5 (diff) | |
| download | sssd-b56b06e199f15a8a840b36bc7cb8010e39ae761d.tar.gz sssd-b56b06e199f15a8a840b36bc7cb8010e39ae761d.tar.bz2 sssd-b56b06e199f15a8a840b36bc7cb8010e39ae761d.zip | |
Replace SDAP_ID_MAPPING checks with sdap_idmap_domain_has_algorithmic_mapping
Currently the decision if external or algorithmic mapping should be used
in the LDAP or AD provider was based on the value of the ldap_id_mapping
config option. Since now all information about ID mapping is handled by
libsss_idmap the check for this options can be replace with a call which
checks the state via libss_idmap.
https://fedorahosted.org/sssd/ticket/1961
Diffstat (limited to 'src/providers/ldap/ldap_id.c')
| -rw-r--r-- | src/providers/ldap/ldap_id.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c index d76a81a3..addb2f3c 100644 --- a/src/providers/ldap/ldap_id.c +++ b/src/providers/ldap/ldap_id.c @@ -79,6 +79,7 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx, uid_t uid; enum idmap_error_code err; char *sid; + bool use_id_mapping; req = tevent_req_create(memctx, &state, struct users_get_state); if (!req) return NULL; @@ -102,6 +103,9 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx, state->name = name; state->filter_type = filter_type; + use_id_mapping = sdap_idmap_domain_has_algorithmic_mapping( + ctx->opts->idmap_ctx, + sdom->dom->domain_id); switch (filter_type) { case BE_FILTER_NAME: attr_name = ctx->opts->user_map[SDAP_AT_USER_NAME].name; @@ -111,7 +115,7 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx, } break; case BE_FILTER_IDNUM: - if (dp_opt_get_bool(ctx->opts->basic, SDAP_ID_MAPPING)) { + if (use_id_mapping) { /* If we're ID-mapping, we need to use the objectSID * in the search filter. */ @@ -416,7 +420,7 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx, gid_t gid; enum idmap_error_code err; char *sid; - bool use_id_mapping = dp_opt_get_bool(ctx->opts->basic, SDAP_ID_MAPPING); + bool use_id_mapping; const char *member_filter[2]; req = tevent_req_create(memctx, &state, struct groups_get_state); @@ -441,6 +445,10 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx, state->name = name; state->filter_type = filter_type; + use_id_mapping = sdap_idmap_domain_has_algorithmic_mapping( + ctx->opts->idmap_ctx, + sdom->dom->domain_id); + switch(filter_type) { case BE_FILTER_NAME: attr_name = ctx->opts->group_map[SDAP_AT_GROUP_NAME].name; @@ -451,7 +459,7 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx, } break; case BE_FILTER_IDNUM: - if (dp_opt_get_bool(ctx->opts->basic, SDAP_ID_MAPPING)) { + if (use_id_mapping) { /* If we're ID-mapping, we need to use the objectSID * in the search filter. */ |