diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ldap/sdap.c | 51 | ||||
-rw-r--r-- | src/providers/ldap/sdap.h | 12 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 76 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_initgroups.c | 51 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_users.c | 81 |
5 files changed, 159 insertions, 112 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index 5497d943..7741030c 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -1209,3 +1209,54 @@ int sdap_replace_id(struct sysdb_attrs *entry, const char *attr, id_t val) return EOK; } + +static errno_t +sdap_get_primary_name(TALLOC_CTX *memctx, + const char *attr_name, + struct sysdb_attrs *attrs, + struct sss_domain_info *dom, + const char **_primary_name) +{ + errno_t ret; + const char *orig_name = NULL; + char *name; + + ret = sysdb_attrs_primary_name(dom->sysdb, attrs, attr_name, &orig_name); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, ("The object has no name attribute\n")); + return EINVAL; + } + + name = sss_get_domain_name(memctx, orig_name, dom); + if (name == NULL) { + DEBUG(SSSDBG_OP_FAILURE, + ("Failed to format original name [%s]\n", orig_name)); + return ENOMEM; + } + DEBUG(SSSDBG_TRACE_FUNC, ("Processing object %s\n", name)); + + *_primary_name = name; + return EOK; +} + +errno_t sdap_get_user_primary_name(TALLOC_CTX *memctx, + struct sdap_options *opts, + struct sysdb_attrs *attrs, + struct sss_domain_info *dom, + const char **_user_name) +{ + return sdap_get_primary_name(memctx, + opts->group_map[SDAP_AT_USER_NAME].name, + attrs, dom, _user_name); +} + +errno_t sdap_get_group_primary_name(TALLOC_CTX *memctx, + struct sdap_options *opts, + struct sysdb_attrs *attrs, + struct sss_domain_info *dom, + const char **_group_name) +{ + return sdap_get_primary_name(memctx, + opts->group_map[SDAP_AT_GROUP_NAME].name, + attrs, dom, _group_name); +} diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h index 24d208a2..6d24982b 100644 --- a/src/providers/ldap/sdap.h +++ b/src/providers/ldap/sdap.h @@ -492,6 +492,18 @@ int sdap_control_create(struct sdap_handle *sh, const char *oid, int iscritical, int sdap_replace_id(struct sysdb_attrs *entry, const char *attr, id_t val); +errno_t sdap_get_group_primary_name(TALLOC_CTX *memctx, + struct sdap_options *opts, + struct sysdb_attrs *attrs, + struct sss_domain_info *dom, + const char **_group_name); + +errno_t sdap_get_user_primary_name(TALLOC_CTX *memctx, + struct sdap_options *opts, + struct sysdb_attrs *attrs, + struct sss_domain_info *dom, + const char **_user_name); + errno_t sdap_set_config_options_with_rootdse(struct sysdb_attrs *rootdse, struct sdap_options *opts, struct sdap_domain *sdom); diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index c3b5914a..aa30cd0b 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -428,8 +428,7 @@ static int sdap_save_group(TALLOC_CTX *memctx, { struct ldb_message_element *el; struct sysdb_attrs *group_attrs; - const char *name = NULL; - char *group_name; + const char *group_name; gid_t gid; errno_t ret; char *usn_value = NULL; @@ -450,14 +449,12 @@ static int sdap_save_group(TALLOC_CTX *memctx, goto done; } - ret = sysdb_attrs_primary_name(ctx, attrs, - opts->group_map[SDAP_AT_GROUP_NAME].name, - &name); + ret = sdap_get_group_primary_name(tmpctx, opts, attrs, dom, &group_name); if (ret != EOK) { - DEBUG(1, ("Failed to save the group - entry has no name attribute\n")); + DEBUG(SSSDBG_OP_FAILURE, ("Failed to get group name\n")); goto done; } - DEBUG(SSSDBG_TRACE_FUNC, ("Processing group %s\n", name)); + DEBUG(SSSDBG_TRACE_FUNC, ("Processing group %s\n", group_name)); /* Always store SID string if available */ ret = sdap_attrs_get_sid_str(tmpctx, opts->idmap_ctx, attrs, @@ -472,7 +469,7 @@ static int sdap_save_group(TALLOC_CTX *memctx, } } else if (ret == ENOENT) { DEBUG(SSSDBG_TRACE_ALL, ("objectSID: not available for group [%s].\n", - name)); + group_name)); sid_str = NULL; } else { DEBUG(SSSDBG_MINOR_FAILURE, ("Could not identify objectSID: [%s]\n", @@ -487,14 +484,14 @@ static int sdap_save_group(TALLOC_CTX *memctx, if (sid_str == NULL) { DEBUG(SSSDBG_MINOR_FAILURE, ("SID not available, cannot map a " \ - "unix ID to group [%s].\n", name)); + "unix ID to group [%s].\n", group_name)); ret = ENOENT; goto done; } DEBUG(SSSDBG_TRACE_LIBS, ("Mapping group [%s] objectSID [%s] to unix ID\n", - name, sid_str)); + group_name, sid_str)); /* Convert the SID into a UNIX group ID */ ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, &gid); @@ -544,7 +541,7 @@ static int sdap_save_group(TALLOC_CTX *memctx, &gid); if (ret != EOK) { DEBUG(1, ("no gid provided for [%s] in domain [%s].\n", - name, dom->name)); + group_name, dom->name)); ret = EINVAL; goto done; } @@ -553,8 +550,8 @@ static int sdap_save_group(TALLOC_CTX *memctx, /* check that the gid is valid for this domain */ if (posix_group) { if (OUT_OF_ID_RANGE(gid, dom->id_min, dom->id_max)) { - DEBUG(2, ("Group [%s] filtered out! (id out of range)\n", - name)); + DEBUG(SSSDBG_MINOR_FAILURE, + ("Group [%s] filtered out! (id out of range)\n", group_name)); ret = EINVAL; goto done; } @@ -562,7 +559,7 @@ static int sdap_save_group(TALLOC_CTX *memctx, } ret = sdap_attrs_add_string(attrs, SYSDB_ORIG_DN, "original DN", - name, group_attrs); + group_name, group_attrs); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, ("Error setting original DN: [%s]\n", @@ -573,7 +570,7 @@ static int sdap_save_group(TALLOC_CTX *memctx, ret = sdap_attrs_add_string(attrs, opts->group_map[SDAP_AT_GROUP_MODSTAMP].sys_name, "original mod-Timestamp", - name, group_attrs); + group_name, group_attrs); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, ("Error setting mod timestamp: [%s]\n", @@ -590,8 +587,8 @@ static int sdap_save_group(TALLOC_CTX *memctx, goto done; } if (el->num_values == 0) { - DEBUG(7, ("Original USN value is not available for [%s].\n", - name)); + DEBUG(SSSDBG_TRACE_FUNC, + ("Original USN value is not available for [%s].\n", group_name)); } else { ret = sysdb_attrs_add_string(group_attrs, opts->group_map[SDAP_AT_GROUP_USN].sys_name, @@ -617,20 +614,12 @@ static int sdap_save_group(TALLOC_CTX *memctx, goto done; } - ret = sdap_save_all_names(name, attrs, dom, group_attrs); + ret = sdap_save_all_names(group_name, attrs, dom, group_attrs); if (ret != EOK) { DEBUG(1, ("Failed to save group names\n")); goto done; } - - DEBUG(6, ("Storing info for group %s\n", name)); - - group_name = sss_get_domain_name(tmpctx, name, dom); - if (!group_name) { - DEBUG(SSSDBG_OP_FAILURE, ("failed to format user name,\n")); - ret = ENOMEM; - goto done; - } + DEBUG(SSSDBG_TRACE_FUNC, ("Storing info for group %s\n", group_name)); ret = sdap_store_group_with_gid(ctx, dom, group_name, gid, group_attrs, @@ -654,7 +643,7 @@ done: if (ret) { DEBUG(SSSDBG_MINOR_FAILURE, ("Failed to save group [%s]: [%s]\n", - name ? name : "Unknown", + group_name ? group_name : "Unknown", strerror(ret))); } talloc_free(tmpctx); @@ -677,17 +666,17 @@ static int sdap_save_grpmem(TALLOC_CTX *memctx, { struct ldb_message_element *el; struct sysdb_attrs *group_attrs = NULL; - const char *name; + const char *group_name; char **userdns = NULL; size_t nuserdns = 0; int ret; - ret = sysdb_attrs_primary_name(ctx, attrs, - opts->group_map[SDAP_AT_GROUP_NAME].name, - &name); + ret = sdap_get_group_primary_name(memctx, opts, attrs, dom, &group_name); if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, ("Failed to get group name\n")); goto fail; } + DEBUG(SSSDBG_TRACE_FUNC, ("Processing group %s\n", group_name)); /* With AD we also want to merge in parent groups of primary GID as they * are reported with tokenGroups, too @@ -705,11 +694,13 @@ static int sdap_save_grpmem(TALLOC_CTX *memctx, if (ret != EOK) { goto fail; } - if (el->num_values == 0 && nuserdns == 0) { - DEBUG(7, ("No members for group [%s]\n", name)); + if (el->num_values == 0 && nuserdns == 0) { + DEBUG(SSSDBG_TRACE_FUNC, + ("No members for group [%s]\n", group_name)); } else { - DEBUG(7, ("Adding member users to group [%s]\n", name)); + DEBUG(SSSDBG_TRACE_FUNC, + ("Adding member users to group [%s]\n", group_name)); group_attrs = sysdb_new_attrs(memctx); if (!group_attrs) { @@ -725,16 +716,15 @@ static int sdap_save_grpmem(TALLOC_CTX *memctx, } } - DEBUG(6, ("Storing members for group %s\n", name)); - - ret = sysdb_store_group(ctx, dom, name, 0, group_attrs, + ret = sysdb_store_group(ctx, dom, group_name, 0, group_attrs, dom->group_timeout, now); if (ret) goto fail; return EOK; fail: - DEBUG(2, ("Failed to save user %s\n", name)); + DEBUG(SSSDBG_OP_FAILURE, + ("Failed to save members of group %s\n", group_name)); return ret; } @@ -2049,11 +2039,11 @@ static errno_t sdap_nested_group_populate_users(TALLOC_CTX *mem_ctx, in_transaction = true; for (i = 0; i < num_users; i++) { - ret = sysdb_attrs_primary_name(sysdb, users[i], - opts->user_map[SDAP_AT_USER_NAME].name, - &username); + ret = sdap_get_user_primary_name(tmp_ctx, opts, users[i], + domain, &username); if (ret != EOK) { - DEBUG(1, ("User entry %d has no name attribute. Skipping\n", i)); + DEBUG(SSSDBG_MINOR_FAILURE, + ("User entry %d has no name attribute. Skipping\n", i)); continue; } diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c index 4c379fdf..ec1cf3e6 100644 --- a/src/providers/ldap/sdap_async_initgroups.c +++ b/src/providers/ldap/sdap_async_initgroups.c @@ -39,7 +39,7 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, TALLOC_CTX *tmp_ctx; struct ldb_message *msg; int i, mi, ai; - const char *name; + const char *groupname; const char *original_dn; char **missing; gid_t gid; @@ -106,20 +106,20 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, for (i=0; missing[i]; i++) { /* The group is not in sysdb, need to add a fake entry */ for (ai=0; ai < ldap_groups_count; ai++) { - ret = sysdb_attrs_primary_name(sysdb, ldap_groups[ai], - opts->group_map[SDAP_AT_GROUP_NAME].name, - &name); + ret = sdap_get_group_primary_name(tmp_ctx, opts, ldap_groups[ai], + domain, &groupname); if (ret != EOK) { - DEBUG(1, ("The group has no name attribute\n")); + DEBUG(SSSDBG_CRIT_FAILURE, + ("The group has no name attribute\n")); goto done; } - if (strcmp(name, missing[i]) == 0) { + if (strcmp(groupname, missing[i]) == 0) { posix = true; if (use_id_mapping) { DEBUG(SSSDBG_TRACE_LIBS, - ("Mapping group [%s] objectSID to unix ID\n", name)); + ("Mapping group [%s] objectSID to unix ID\n", groupname)); ret = sdap_attrs_get_sid_str( tmp_ctx, opts->idmap_ctx, ldap_groups[ai], @@ -129,7 +129,7 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, DEBUG(SSSDBG_TRACE_INTERNAL, ("Group [%s] has objectSID [%s]\n", - name, sid_str)); + groupname, sid_str)); /* Convert the SID into a UNIX group ID */ ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, @@ -137,7 +137,7 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, if (ret == EOK) { DEBUG(SSSDBG_TRACE_INTERNAL, ("Group [%s] has mapped gid [%lu]\n", - name, (unsigned long)gid)); + groupname, (unsigned long)gid)); } else { posix = false; gid = 0; @@ -145,7 +145,7 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, DEBUG(SSSDBG_TRACE_INTERNAL, ("Group [%s] cannot be mapped. " "Treating as a non-POSIX group\n", - name)); + groupname)); } } else { @@ -153,9 +153,11 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, SYSDB_GIDNUM, &gid); if (ret == ENOENT || (ret == EOK && gid == 0)) { - DEBUG(9, ("The group %s gid was %s\n", - name, ret == ENOENT ? "missing" : "zero")); - DEBUG(8, ("Marking group %s as non-posix and setting GID=0!\n", name)); + DEBUG(SSSDBG_TRACE_LIBS, ("The group %s gid was %s\n", + groupname, ret == ENOENT ? "missing" : "zero")); + DEBUG(SSSDBG_TRACE_FUNC, + ("Marking group %s as non-posix and setting GID=0!\n", + groupname)); gid = 0; posix = false; } else if (ret) { @@ -172,8 +174,9 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, original_dn = NULL; } - DEBUG(8, ("Adding fake group %s to sysdb\n", name)); - ret = sysdb_add_incomplete_group(sysdb, domain, name, gid, + DEBUG(SSSDBG_TRACE_INTERNAL, + ("Adding fake group %s to sysdb\n", groupname)); + ret = sysdb_add_incomplete_group(sysdb, domain, groupname, gid, original_dn, posix, now); if (ret != EOK) { goto done; @@ -720,11 +723,9 @@ static struct tevent_req *sdap_initgr_nested_send(TALLOC_CTX *memctx, state->user = user; state->op = NULL; - ret = sysdb_attrs_primary_name(sysdb, user, - opts->user_map[SDAP_AT_USER_NAME].name, - &state->username); + ret = sdap_get_user_primary_name(memctx, opts, user, dom, &state->username); if (ret != EOK) { - DEBUG(1, ("User entry had no username\n")); + DEBUG(SSSDBG_CRIT_FAILURE, ("User entry had no username\n")); goto immediate; } @@ -1281,9 +1282,7 @@ sdap_initgr_nested_get_membership_diff(TALLOC_CTX *mem_ctx, } /* Get direct sysdb parents */ - ret = sysdb_attrs_primary_name(sysdb, group, - opts->group_map[SDAP_AT_GROUP_NAME].name, - &group_name); + ret = sdap_get_group_primary_name(tmp_ctx, opts, group, dom, &group_name); if (ret != EOK) { goto done; } @@ -2186,11 +2185,9 @@ static errno_t rfc2307bis_nested_groups_step(struct tevent_req *req) goto done; } - ret = sysdb_attrs_primary_name( - state->sysdb, - state->groups[state->group_iter], - state->opts->group_map[SDAP_AT_GROUP_NAME].name, - &state->primary_name); + ret = sdap_get_group_primary_name(tmp_ctx, state->opts, + state->groups[state->group_iter], + state->dom, &state->primary_name); if (ret != EOK) { goto done; } diff --git a/src/providers/ldap/sdap_async_users.c b/src/providers/ldap/sdap_async_users.c index b3a5c3de..07ddb622 100644 --- a/src/providers/ldap/sdap_async_users.c +++ b/src/providers/ldap/sdap_async_users.c @@ -105,7 +105,6 @@ int sdap_save_user(TALLOC_CTX *memctx, { struct ldb_message_element *el; int ret; - const char *name = NULL; const char *user_name = NULL; const char *fullname = NULL; const char *pwd; @@ -126,7 +125,7 @@ int sdap_save_user(TALLOC_CTX *memctx, char *sid_str; char *dom_sid_str = NULL; - DEBUG(9, ("Save user\n")); + DEBUG(SSSDBG_TRACE_FUNC, ("Save user\n")); tmpctx = talloc_new(NULL); if (!tmpctx) { @@ -140,13 +139,12 @@ int sdap_save_user(TALLOC_CTX *memctx, goto done; } - ret = sysdb_attrs_primary_name(ctx, attrs, - opts->user_map[SDAP_AT_USER_NAME].name, - &name); + ret = sdap_get_user_primary_name(memctx, opts, attrs, dom, &user_name); if (ret != EOK) { - DEBUG(1, ("Failed to save the user - entry has no name attribute\n")); + DEBUG(SSSDBG_OP_FAILURE, ("Failed to get user name\n")); goto done; } + DEBUG(SSSDBG_TRACE_FUNC, ("Processing user %s\n", user_name)); if (opts->schema_type == SDAP_SCHEMA_AD) { ret = sysdb_attrs_get_string(attrs, @@ -207,7 +205,7 @@ int sdap_save_user(TALLOC_CTX *memctx, } } else if (ret == ENOENT) { DEBUG(SSSDBG_TRACE_ALL, ("objectSID: not available for group [%s].\n", - name)); + user_name)); sid_str = NULL; } else { DEBUG(SSSDBG_MINOR_FAILURE, ("Could not identify objectSID: [%s]\n", @@ -224,13 +222,13 @@ int sdap_save_user(TALLOC_CTX *memctx, if (sid_str == NULL) { DEBUG(SSSDBG_MINOR_FAILURE, ("SID not available, cannot map a " \ - "unix ID to user [%s].\n", name)); + "unix ID to user [%s].\n", user_name)); ret = ENOENT; goto done; } DEBUG(SSSDBG_TRACE_LIBS, - ("Mapping user [%s] objectSID [%s] to unix ID\n", name, sid_str)); + ("Mapping user [%s] objectSID [%s] to unix ID\n", user_name, sid_str)); /* Convert the SID into a UNIX user ID */ ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, &uid); @@ -255,8 +253,9 @@ int sdap_save_user(TALLOC_CTX *memctx, opts->user_map[SDAP_AT_USER_UID].sys_name, &uid); if (ret != EOK) { - DEBUG(1, ("no uid provided for [%s] in domain [%s].\n", - name, dom->name)); + DEBUG(SSSDBG_CRIT_FAILURE, + ("no uid provided for [%s] in domain [%s].\n", + user_name, dom->name)); ret = EINVAL; goto done; } @@ -264,7 +263,7 @@ int sdap_save_user(TALLOC_CTX *memctx, /* check that the uid is valid for this domain */ if (OUT_OF_ID_RANGE(uid, dom->id_min, dom->id_max)) { DEBUG(2, ("User [%s] filtered out! (uid out of range)\n", - name)); + user_name)); ret = EINVAL; goto done; } @@ -275,8 +274,8 @@ int sdap_save_user(TALLOC_CTX *memctx, &gid); if (ret) { DEBUG(SSSDBG_CRIT_FAILURE, - ("Cannot get the GID for [%s] in domain [%s].\n", - name, dom->name)); + ("Cannot get the GID for [%s] in domain [%s].\n", + user_name, dom->name)); goto done; } } else { @@ -296,8 +295,9 @@ int sdap_save_user(TALLOC_CTX *memctx, opts->user_map[SDAP_AT_USER_GID].sys_name, &gid); if (ret != EOK) { - DEBUG(1, ("no gid provided for [%s] in domain [%s].\n", - name, dom->name)); + DEBUG(SSSDBG_CRIT_FAILURE, + ("no gid provided for [%s] in domain [%s].\n", + user_name, dom->name)); ret = EINVAL; goto done; } @@ -307,7 +307,8 @@ int sdap_save_user(TALLOC_CTX *memctx, if (IS_SUBDOMAIN(dom) == false && OUT_OF_ID_RANGE(gid, dom->id_min, dom->id_max)) { DEBUG(SSSDBG_CRIT_FAILURE, - ("User [%s] filtered out! (primary gid out of range)\n", name)); + ("User [%s] filtered out! (primary gid out of range)\n", + user_name)); ret = EINVAL; goto done; } @@ -318,11 +319,11 @@ int sdap_save_user(TALLOC_CTX *memctx, } if (!el || el->num_values == 0) { DEBUG(SSSDBG_MINOR_FAILURE, - ("originalDN is not available for [%s].\n", name)); + ("originalDN is not available for [%s].\n", user_name)); } else { orig_dn = (const char *) el->values[0].data; DEBUG(SSSDBG_TRACE_INTERNAL, ("Adding originalDN [%s] to attributes " - "of [%s].\n", orig_dn, name)); + "of [%s].\n", orig_dn, user_name)); ret = sysdb_attrs_add_string(user_attrs, SYSDB_ORIG_DN, orig_dn); if (ret) { @@ -335,11 +336,11 @@ int sdap_save_user(TALLOC_CTX *memctx, goto done; } if (el->num_values == 0) { - DEBUG(7, ("Original memberOf is not available for [%s].\n", - name)); + DEBUG(SSSDBG_TRACE_FUNC, + ("Original memberOf is not available for [%s].\n", user_name)); } else { - DEBUG(7, ("Adding original memberOf attributes to [%s].\n", - name)); + DEBUG(SSSDBG_TRACE_FUNC, + ("Adding original memberOf attributes to [%s].\n", user_name)); for (i = 0; i < el->num_values; i++) { ret = sysdb_attrs_add_string(user_attrs, SYSDB_ORIG_MEMBEROF, (const char *) el->values[i].data); @@ -352,7 +353,7 @@ int sdap_save_user(TALLOC_CTX *memctx, ret = sdap_attrs_add_string(attrs, opts->user_map[SDAP_AT_USER_MODSTAMP].sys_name, "original mod-Timestamp", - name, user_attrs); + user_name, user_attrs); if (ret != EOK) { goto done; } @@ -363,8 +364,8 @@ int sdap_save_user(TALLOC_CTX *memctx, goto done; } if (el->num_values == 0) { - DEBUG(7, ("Original USN value is not available for [%s].\n", - name)); + DEBUG(SSSDBG_TRACE_FUNC, + ("Original USN value is not available for [%s].\n", user_name)); } else { ret = sysdb_attrs_add_string(user_attrs, opts->user_map[SDAP_AT_USER_USN].sys_name, @@ -385,7 +386,8 @@ int sdap_save_user(TALLOC_CTX *memctx, goto done; } if (el->num_values == 0) { - DEBUG(7, ("User principal is not available for [%s].\n", name)); + DEBUG(SSSDBG_TRACE_FUNC, + ("User principal is not available for [%s].\n", user_name)); } else { upn = talloc_strdup(user_attrs, (const char*) el->values[0].data); if (!upn) { @@ -395,8 +397,9 @@ int sdap_save_user(TALLOC_CTX *memctx, if (dp_opt_get_bool(opts->basic, SDAP_FORCE_UPPER_CASE_REALM)) { make_realm_upper_case(upn); } - DEBUG(7, ("Adding user principal [%s] to attributes of [%s].\n", - upn, name)); + DEBUG(SSSDBG_TRACE_FUNC, + ("Adding user principal [%s] to attributes of [%s].\n", + upn, user_name)); ret = sysdb_attrs_add_string(user_attrs, SYSDB_UPN, upn); if (ret) { goto done; @@ -405,7 +408,7 @@ int sdap_save_user(TALLOC_CTX *memctx, for (i = SDAP_FIRST_EXTRA_USER_AT; i < SDAP_OPTS_USER; i++) { ret = sdap_attrs_add_list(attrs, opts->user_map[i].sys_name, - NULL, name, user_attrs); + NULL, user_name, user_attrs); if (ret) { goto done; } @@ -422,9 +425,9 @@ int sdap_save_user(TALLOC_CTX *memctx, } } - ret = sdap_save_all_names(name, attrs, dom, user_attrs); + ret = sdap_save_all_names(user_name, attrs, dom, user_attrs); if (ret != EOK) { - DEBUG(1, ("Failed to save user names\n")); + DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to save user names\n")); goto done; } @@ -437,14 +440,7 @@ int sdap_save_user(TALLOC_CTX *memctx, goto done; } - DEBUG(6, ("Storing info for user %s\n", name)); - - user_name = sss_get_domain_name(tmpctx, name, dom); - if (!user_name) { - DEBUG(SSSDBG_OP_FAILURE, ("failed to format user name,\n")); - ret = ENOMEM; - goto done; - } + DEBUG(SSSDBG_TRACE_FUNC, ("Storing info for user %s\n", user_name)); ret = sysdb_store_user(ctx, dom, user_name, pwd, uid, gid, gecos, homedir, shell, orig_dn, @@ -460,8 +456,9 @@ int sdap_save_user(TALLOC_CTX *memctx, done: if (ret) { - DEBUG(2, ("Failed to save user [%s]\n", - name ? name : "Unknown")); + DEBUG(SSSDBG_CRIT_FAILURE, + ("Failed to save user [%s]\n", + user_name ? user_name : "Unknown")); } talloc_free(tmpctx); return ret; |