summaryrefslogtreecommitdiff
path: root/src/providers/ldap/sdap_async_initgroups.c
AgeCommit message (Collapse)AuthorFilesLines
2012-06-13LDAP: Auto-detect support for the ldap match ruleStephen Gallagher1-1/+3
This patch extends the RootDSE lookup so that we will perform a second request to test whether the match rule syntax can be used. If both groups and initgroups are disabled in the configuration, this lookup request can be skipped.
2012-06-13LDAP: Add support for AD chain matching extension in initgroupsStephen Gallagher1-9/+20
2012-06-12LDAP: Make sdap_initgr_common_store() non-staticStephen Gallagher1-7/+7
Move it to a private header so it can be reused by other initgroups C files.
2012-06-12LDAP: Add helper function to get list of a user's groups from sysdbStephen Gallagher1-33/+64
2012-06-12LDAP: Fix incorrect switch statement in sdap_get_initgr_done()Stephen Gallagher1-1/+1
SDAP_SCHEMA_AD needs to be calling sdap_initgr_rfc2307bis_recv(), not sdap_initgr_nested_recv(). By coincidence both recv functions happened to be identical, but if one or the other changed, this would break unexpectedly.
2012-05-31Utilize attribute exclusion in LDAP initgroupsJan Zeleny1-3/+33
Previous patch added the possibility to exclude some attributes from a map when building an attribute list to be sent to server. The original reason for this functionality is the code handling LDAP initgroups. In this code, there is no need to fetch members of groups in question. This can save some performance since the list of members can be pretty long in some cases. This case apllies only to RFC2307 and generic RFC2307bis, it doesn't apply for IPA schema.
2012-05-31Add support for filtering atributesJan Zeleny1-10/+10
This patch adds support for filtering attributes when constructing attribute list from a map for LDAP query.
2012-05-31Ghost members - removed sdap_check_aliases()Jan Zeleny1-7/+0
This function is no longer necessary because we don't have fake user entries any more. The original purpose of this function was to check if there are fake user entries for particular user and, if yes, to update its membership.
2012-05-10LDAP: Add attr_count return value to build_attrs_from_map()Stephen Gallagher1-5/+5
This is necessary because in several places in the code, we are appending to the attrs returned from this value, and if we relied on the map size macro, we would be appending after the NULL terminator if one or more attributes were defined as NULL.
2012-05-03LDAP: Treat groups with unmappable SIDs as non-POSIX groupsStephen Gallagher1-9/+12
2012-05-03LDAP: Add helper function to map IDsStephen Gallagher1-16/+5
This function will also auto-create a new ID map if the domain has not been seen previously.
2012-05-03LDAP: Add helper routine to convert LDAP blob to SID stringStephen Gallagher1-28/+144
2012-03-08Fix nested groups processingJakub Hrozek1-26/+60
Instead of keeping the number of parent groups in "state" and having to reset the count when moving to another group on the same level, keep track of the all groups on a particular level along with their parents and parent count.
2012-03-05Use proper errno codeJakub Hrozek1-1/+1
2012-02-24Modifications to simplify list_missing_attrsJan Zeleny1-1/+1
2012-02-24LDAP: Only use paging control on requests for multiple entriesStephen Gallagher1-6/+12
The paging control can cause issues on servers that put limits on how many paging controls can be active at one time (on some servers, it is limited to one per connection). We need to reduce our usage so that we only activate the paging control when making a request that may return an arbitrary number of results. https://fedorahosted.org/sssd/ticket/1202 phase one
2012-02-23LDAP: Properly assign orig_dnStephen Gallagher1-0/+1
This was only used for properly identifying debug messages.
2012-02-14Fix memory hierarchy when processing nested group membershipsJakub Hrozek1-6/+8
https://fedorahosted.org/sssd/ticket/1186
2012-02-04LDAP: Fix incorrect search timeoutsStephen Gallagher1-1/+1
2012-02-04LDAP: Do not fail if RootDSE check cannot determine search basesStephen Gallagher1-1/+34
https://fedorahosted.org/sssd/ticket/1152
2011-12-16Use the case sensitivity flag in the LDAP providerJakub Hrozek1-4/+13
2011-11-30Use dereference during IPA provider initgroupsJakub Hrozek1-40/+149
https://fedorahosted.org/sssd/ticket/1099
2011-11-22Cleanup: Remove unused parametersJakub Hrozek1-16/+7
2011-11-11Squash transactions in sdap_initgr_common_storeJakub Hrozek1-6/+25
https://fedorahosted.org/sssd/ticket/1053
2011-11-07Use correct state struct in sdap_initgr_rfc2307bis_next_baseJakub Hrozek1-2/+3
2011-11-07Fix segfault in sdap_get_initgr_userJakub Hrozek1-1/+2
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307bis groups)Stephen Gallagher1-77/+225
2011-11-02LDAP: Add multiple search bases for initgroups (RFC2307 groups)Stephen Gallagher1-17/+99
2011-11-02LDAP: Add multiple search bases for initgroups (users)Stephen Gallagher1-30/+72
2011-10-31Steal result onto mem_ctx in sdap_initgr_nested_get_direct_parentsJakub Hrozek1-2/+1
2011-10-31RFC2307bis initgroups: fix nested groups processingJakub Hrozek1-20/+33
Due to incorrectly written loop, SSSD would go into infitite loop if it processed the same group on two different levels of membership.
2011-10-25Plug memory leaks in LDAP providerJakub Hrozek1-0/+3
2011-10-17Cancel transactions correctly during initgroupsJakub Hrozek1-13/+31
2011-10-17Use fewer transactions during IPA initgroupsJakub Hrozek1-171/+273
2011-10-17Use fewer transactions during RFC2307bis initgroupsJakub Hrozek1-346/+366
2011-10-17Utility functions for LDAP nested schema initgroupsJakub Hrozek1-0/+119
2011-10-13SysDB commands that save lastUpdate allows this value to be passed inPavel Březina1-2/+4
https://fedorahosted.org/sssd/ticket/836
2011-09-28Store name aliases for users, groupsJakub Hrozek1-0/+7
Also checks fake users for aliases when storing a real users so that getgrnam for a RFC2307 group that references a user by his secondary name followed by getpwnam for this user by his primary name works
2011-09-28Add a sysdb_get_direct_parents functionJakub Hrozek1-57/+5
2011-08-15Moved some functions in sdap_async_initgroupsJan Zeleny1-345/+349
2011-08-15sdap_async_accounts.c splitJan Zeleny1-0/+2049
The file has been split in three: sdap_async_users.c sdap_async_groups.c sdap_async_initgroups.c https://fedorahosted.org/sssd/ticket/864