From 749cfb5d3270b5daf389d51a0dbd3fd2aec6e05d Mon Sep 17 00:00:00 2001
From: Jakub Hrozek
Date: Mon, 27 May 2013 08:48:02 +0200
Subject: LDAP: new SDAP domain structure
Previously an sdap_id_ctx was always tied to one domain with a single set of search bases. But with the introduction of Global Catalog lookups, primary domain and subdomains might have different search bases. This patch introduces a new structure sdap_domain that contains an sssd domain or subdomain and a set of search bases. With this patch, there is only one sdap_domain that describes the primary domain.
---
src/providers/ad/ad_common.c | 17 ++++++++++++-----
src/providers/ad/ad_subdomains.c | 4 +++-
2 files changed, 15 insertions(+), 6 deletions(-)
(limited to 'src/providers/ad')
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
index 4a6343f7..713f3194 100644
--- a/src/providers/ad/ad_common.c
+++ b/src/providers/ad/ad_common.c
@@ -448,6 +448,13 @@ ad_get_id_options(struct ad_options *ad_opts,
goto done;
}
+ ret = sdap_domain_add(id_opts,
+ ad_opts->id_ctx->sdap_id_ctx->be->domain,
+ NULL);
+ if (ret != EOK) {
+ goto done;
+ }
+
ret = dp_get_options(id_opts, cdb, conf_path, ad_def_ldap_opts, SDAP_OPTS_BASIC,
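Review bot: The new `sdap_domain_add()` call walks `ad_opts->id_ctx->sdap_id_ctx->be->domain` without checking any link, and nothing visible in this hunk shows that `id_ctx` and its `sdap_id_ctx` are already populated while `ad_get_id_options()` is still building the options. If one of them can be NULL at this point the back end faults during start-up, and identity lookups for the domain go down with it. The call also passes `NULL` as its last argument, so the only handle to the new structure is whatever `sdap_domain_add()` stores in `id_opts`; presumably that is `id_opts->sdom`, which the `@@ -619` hunk dereferences. I would state that contract above the call, e.g. `/* registers the primary domain; ad_set_search_bases() relies on id_opts->sdom being set here */`. The function starts and ends outside the hunk.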
@@ -619,31 +626,31 @@ ad_set_search_bases(struct sdap_options *id_opts)
/* Default search */
ret = sdap_parse_search_base(id_opts, id_opts->basic, SDAP_SEARCH_BASE,
- &id_opts->search_bases);
+ &id_opts->sdom->search_bases);
if (ret != EOK && ret != ENOENT) goto done;
/* User search */
ret = sdap_parse_search_base(id_opts, id_opts->basic, SDAP_USER_SEARCH_BASE,
- &id_opts->user_search_bases);
+ &id_opts->sdom->user_search_bases);
if (ret != EOK && ret != ENOENT) goto done;
/* Group search base */
ret = sdap_parse_search_base(id_opts, id_opts->basic, SDAP_GROUP_SEARCH_BASE,
- &id_opts->group_search_bases);
+ &id_opts->sdom->group_search_bases);
if (ret != EOK && ret != ENOENT) goto done;
/* Netgroup search */
ret = sdap_parse_search_base(id_opts, id_opts->basic, SDAP_NETGROUP_SEARCH_BASE,
- &id_opts->netgroup_search_bases);
+ &id_opts->sdom->netgroup_search_bases);
if (ret != EOK && ret != ENOENT) goto done;
/* Service search */
ret = sdap_parse_search_base(id_opts, id_opts->basic, SDAP_SERVICE_SEARCH_BASE,
- &id_opts->service_search_bases);
+ &id_opts->sdom->service_search_bases);
if (ret != EOK && ret != ENOENT) goto done;
ret = EOK;
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
index da0c85e7..098663cc 100644
--- a/src/providers/ad/ad_subdomains.c
+++ b/src/providers/ad/ad_subdomains.c
@@ -44,6 +44,7 @@
struct ad_subdomains_ctx {
struct be_ctx *be_ctx;
struct sdap_id_ctx *sdap_id_ctx;
+ struct sdap_domain *sdom;
struct sss_idmap_ctx *idmap_ctx;
char *domain_name;
@@ -164,7 +165,7 @@ static errno_t ad_subdomains_get_master_sid(struct ad_subdomains_req_ctx *ctx)
const char *master_sid_attrs[] = {AD_AT_OBJECT_SID, NULL};
- base = ctx->sd_ctx->sdap_id_ctx->opts->search_bases[ctx->base_iter];
+ base = ctx->sd_ctx->sdom->search_bases[ctx->base_iter];
if (base == NULL) {
return EOK;
}
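Review bot: All five `sdap_parse_search_base()` calls now write through `id_opts->sdom`, but `ad_set_search_bases()` never checks that pointer, so a caller that reaches it with an `sdap_options` on which `sdap_domain_add()` has not run dereferences NULL. A guard before the first call turns that into an error return: `if (id_opts->sdom == NULL) { ret = EINVAL; goto done; }`. The same unchecked pointer is read as `ctx->sd_ctx->sdom->search_bases[ctx->base_iter]` in the `@@ -164` hunk of ad_subdomains.c, where `base == NULL` is tested only after the array has been indexed; if a tolerated `ENOENT` here can leave `search_bases` unset (not visible in this patch), that index is itself a NULL dereference. The body of `ad_set_search_bases()` begins and ends outside the hunk.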
@@ -497,6 +498,7 @@ int ad_subdom_init(struct be_ctx *be_ctx,
}
ctx->be_ctx = be_ctx;
+ ctx->sdom = id_ctx->sdap_id_ctx->opts->sdom;
ctx->sdap_id_ctx = id_ctx->sdap_id_ctx;
ctx->domain_name = talloc_strdup(ctx, ad_domain);
if (ctx->domain_name == NULL) {
-- cgit
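Review bot: `ctx->sdom = id_ctx->sdap_id_ctx->opts->sdom;` caches a pointer that is already reachable through `ctx->sdap_id_ctx`, assigned on the next line, so the context now holds two paths to the same object and the copy is never refreshed. The commit message implies that further `sdap_domain` structures will follow; if the one `opts->sdom` points to is ever replaced or freed, this copy goes stale while `ad_subdomains_get_master_sid()` keeps indexing through it. I would either read `ctx->sdap_id_ctx->opts->sdom` at the point of use or document the lifetime beside the assignment, e.g. `/* borrowed: owned by sdap_id_ctx->opts, must outlive ctx */`. A NULL `sdom` should also be rejected here at init time rather than surfacing on the first subdomain request. `ad_subdom_init()` starts and ends outside the hunk.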