From 8509e1fe368b62225b7cf39eb1eec6cac7bf38b3 Mon Sep 17 00:00:00 2001

From: Lukas Slebodnik <lslebodn@redhat.com>

Date: Fri, 13 Dec 2013 18:20:08 +0100

Subject: [PATCH 58/60] LDAP: Don't fail if subdomain cannot be found by sid

Domain needn't contain sid if id_provider is ldap.

With enabled id mapping, user couldn't be stored, because domain

couldn't be found by sid.

Resolves:

https://fedorahosted.org/sssd/ticket/2172

---

 src/providers/ldap/sdap_async_users.c | 10 ++++++----

 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/providers/ldap/sdap_async_users.c b/src/providers/ldap/sdap_async_users.c

index 7f0b2eea0b5ee909bcf148236c7fc43863fe8c13..65c456c8fffb57cbf9e977a49388dbe250d1412a 100644

--- a/src/providers/ldap/sdap_async_users.c

+++ b/src/providers/ldap/sdap_async_users.c

@@ -124,6 +124,7 @@ int sdap_save_user(TALLOC_CTX *memctx,

     bool use_id_mapping;

     char *sid_str;

     char *dom_sid_str = NULL;

+    struct sss_domain_info *subdomain;

     DEBUG(SSSDBG_TRACE_FUNC, ("Save user\n"));

@@ -163,11 +164,12 @@ int sdap_save_user(TALLOC_CTX *memctx,

     /* If this object has a SID available, we will determine the correct

      * domain by its SID. */

     if (sid_str != NULL) {

-        dom = find_subdomain_by_sid(get_domains_head(dom), sid_str);

-        if (dom == NULL) {

-            DEBUG(SSSDBG_OP_FAILURE, ("SID %s does not belong to any known "

+        subdomain = find_subdomain_by_sid(get_domains_head(dom), sid_str);

+        if (subdomain) {

+            dom = subdomain;

+        } else {

+            DEBUG(SSSDBG_TRACE_FUNC, ("SID %s does not belong to any known "

                                       "domain\n", sid_str));

-            return ERR_DOMAIN_NOT_FOUND;

         }

     }

-- 

1.8.4.2