summaryrefslogtreecommitdiff
path: root/src/providers/ldap/sdap_async_users.c
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2013-04-19 12:22:03 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-05-02 19:33:56 +0200
commit1ae6d34788fd6ac2278be52b60d77c77073d98f3 (patch)
tree04138c422f8c6fe60eeb9aaeec5e3cda18e84046 /src/providers/ldap/sdap_async_users.c
parent5a6e3cb57cf2d8d4118b58be0574cccea171ca19 (diff)
downloadsssd-1ae6d34788fd6ac2278be52b60d77c77073d98f3.tar.gz
sssd-1ae6d34788fd6ac2278be52b60d77c77073d98f3.tar.bz2
sssd-1ae6d34788fd6ac2278be52b60d77c77073d98f3.zip
LDAP: always store SID if available
Currently the string representation of a SID is only stored in the cache for debugging purpose if SID based ID-mapping is used. This patch unconditionally stores the SID if available to allow SID-to-name mappings from the cache.
Diffstat (limited to 'src/providers/ldap/sdap_async_users.c')
-rw-r--r--src/providers/ldap/sdap_async_users.c42
1 files changed, 30 insertions, 12 deletions
diff --git a/src/providers/ldap/sdap_async_users.c b/src/providers/ldap/sdap_async_users.c
index ccd2f24e..68e646cb 100644
--- a/src/providers/ldap/sdap_async_users.c
+++ b/src/providers/ldap/sdap_async_users.c
@@ -132,22 +132,40 @@ int sdap_save_user(TALLOC_CTX *memctx,
if (el->num_values == 0) shell = NULL;
else shell = (const char *)el->values[0].data;
+ /* Always store SID string if available */
+ ret = sdap_attrs_get_sid_str(tmpctx, opts->idmap_ctx, attrs,
+ opts->user_map[SDAP_AT_USER_OBJECTSID].sys_name,
+ &sid_str);
+ if (ret == EOK) {
+ ret = sysdb_attrs_add_string(user_attrs, SYSDB_SID_STR, sid_str);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE, ("Could not add SID string: [%s]\n",
+ strerror(ret)));
+ goto done;
+ }
+ } else if (ret == ENOENT) {
+ DEBUG(SSSDBG_TRACE_ALL, ("objectSID: not available for group [%s].\n",
+ name));
+ sid_str = NULL;
+ } else {
+ DEBUG(SSSDBG_MINOR_FAILURE, ("Could not identify objectSID: [%s]\n",
+ strerror(ret)));
+ sid_str = NULL;
+ }
+
+
/* Retrieve or map the UID as appropriate */
if (use_id_mapping) {
- DEBUG(SSSDBG_TRACE_LIBS,
- ("Mapping user [%s] objectSID to unix ID\n", name));
- ret = sdap_attrs_get_sid_str(
- tmpctx, opts->idmap_ctx, attrs,
- opts->user_map[SDAP_AT_USER_OBJECTSID].sys_name,
- &sid_str);
- if (ret != EOK) goto done;
+ if (sid_str == NULL) {
+ DEBUG(SSSDBG_MINOR_FAILURE, ("SID not available, cannot map a " \
+ "unix ID to user [%s].\n", name));
+ ret = ENOENT;
+ goto done;
+ }
- /* Add string representation to the cache for easier
- * debugging
- */
- ret = sysdb_attrs_add_string(user_attrs, SYSDB_SID_STR, sid_str);
- if (ret != EOK) goto done;
+ DEBUG(SSSDBG_TRACE_LIBS,
+ ("Mapping user [%s] objectSID [%s] to unix ID\n", name, sid_str));
/* Convert the SID into a UNIX user ID */
ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, &uid);