diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-03-14 09:56:22 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-03-14 15:42:34 -0400 |
commit | b46a9e1db77faceece974575e236da76dae3c159 (patch) | |
tree | 2f6ba30f7391b39bc87e4e01942e49b78c58e261 /src/providers/ldap | |
parent | 0112cf9f4a48494f1527018f86f762f2aff63f07 (diff) | |
download | sssd-b46a9e1db77faceece974575e236da76dae3c159.tar.gz sssd-b46a9e1db77faceece974575e236da76dae3c159.tar.bz2 sssd-b46a9e1db77faceece974575e236da76dae3c159.zip |
Require existence of username, uid and gid for user enumeration
We will ignore users that do not have these three values.
Diffstat (limited to 'src/providers/ldap')
-rw-r--r-- | src/providers/ldap/ldap_id_enum.c | 30 |
1 files changed, 18 insertions, 12 deletions
diff --git a/src/providers/ldap/ldap_id_enum.c b/src/providers/ldap/ldap_id_enum.c index 42c29119..6899b87c 100644 --- a/src/providers/ldap/ldap_id_enum.c +++ b/src/providers/ldap/ldap_id_enum.c @@ -441,19 +441,25 @@ static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, state->op = op; if (ctx->srv_opts && ctx->srv_opts->max_user_value && !purge) { - state->filter = talloc_asprintf(state, - "(&(%s=*)(objectclass=%s)(%s>=%s)(!(%s=%s)))", - ctx->opts->user_map[SDAP_AT_USER_NAME].name, - ctx->opts->user_map[SDAP_OC_USER].name, - ctx->opts->user_map[SDAP_AT_USER_USN].name, - ctx->srv_opts->max_user_value, - ctx->opts->user_map[SDAP_AT_USER_USN].name, - ctx->srv_opts->max_user_value); + state->filter = talloc_asprintf( + state, + "(&(objectclass=%s)(%s=*)(%s=*)(%s=*)(%s>=%s)(!(%s=%s)))", + ctx->opts->user_map[SDAP_OC_USER].name, + ctx->opts->user_map[SDAP_AT_USER_NAME].name, + ctx->opts->user_map[SDAP_AT_USER_UID].name, + ctx->opts->user_map[SDAP_AT_USER_GID].name, + ctx->opts->user_map[SDAP_AT_USER_USN].name, + ctx->srv_opts->max_user_value, + ctx->opts->user_map[SDAP_AT_USER_USN].name, + ctx->srv_opts->max_user_value); } else { - state->filter = talloc_asprintf(state, - "(&(%s=*)(objectclass=%s))", - ctx->opts->user_map[SDAP_AT_USER_NAME].name, - ctx->opts->user_map[SDAP_OC_USER].name); + state->filter = talloc_asprintf( + state, + "(&(objectclass=%s)(%s=*)(%s=*)(%s=*))", + ctx->opts->user_map[SDAP_OC_USER].name, + ctx->opts->user_map[SDAP_AT_USER_NAME].name, + ctx->opts->user_map[SDAP_AT_USER_UID].name, + ctx->opts->user_map[SDAP_AT_USER_GID].name); } if (!state->filter) { DEBUG(2, ("Failed to build filter\n")); |