|
 |
2fc102 |
From dfebe8a952561e51fe1d603886ba4e979b29d889 Mon Sep 17 00:00:00 2001
|
|
|
2fc102 |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
2fc102 |
Date: Fri, 13 Dec 2013 20:11:11 +0100
|
|
|
2fc102 |
Subject: [PATCH 30/31] AD: Enable fallback to LDAP of trusted domain
|
|
|
2fc102 |
|
|
|
2fc102 |
Since we have the LDAP port of a trusted AD GC always available now, we
|
|
|
2fc102 |
can always perform a fallback.
|
|
|
2fc102 |
---
|
|
|
2fc102 |
src/providers/ad/ad_common.c | 14 +-------------
|
|
|
2fc102 |
src/tests/cmocka/test_ad_common.c | 7 ++++---
|
|
|
2fc102 |
2 files changed, 5 insertions(+), 16 deletions(-)
|
|
|
2fc102 |
|
|
|
2fc102 |
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
|
|
|
2fc102 |
index a5ea4f587f30575a5903d8ae1a459f53512c011f..99fa4c07af2a79bb3ca195214ddb0dbd60c61620 100644
|
|
|
2fc102 |
--- a/src/providers/ad/ad_common.c
|
|
|
2fc102 |
+++ b/src/providers/ad/ad_common.c
|
|
|
2fc102 |
@@ -1133,23 +1133,11 @@ ad_gc_conn_list(TALLOC_CTX *mem_ctx, struct ad_id_ctx *ad_ctx,
|
|
|
2fc102 |
/* Always try GC first */
|
|
|
2fc102 |
if (dp_opt_get_bool(ad_ctx->ad_options->basic, AD_ENABLE_GC)) {
|
|
|
2fc102 |
clist[cindex] = ad_ctx->gc_ctx;
|
|
|
2fc102 |
- if (IS_SUBDOMAIN(dom) == true) {
|
|
|
2fc102 |
- clist[cindex]->ignore_mark_offline = false;
|
|
|
2fc102 |
- /* Subdomain users are only present in GC. */
|
|
|
2fc102 |
- return clist;
|
|
|
2fc102 |
- }
|
|
|
2fc102 |
- /* fall back to ldap if gc is not available */
|
|
|
2fc102 |
clist[cindex]->ignore_mark_offline = true;
|
|
|
2fc102 |
cindex++;
|
|
|
2fc102 |
}
|
|
|
2fc102 |
|
|
|
2fc102 |
- if (IS_SUBDOMAIN(dom) == false) {
|
|
|
2fc102 |
- /* With root domain users we have the option to
|
|
|
2fc102 |
- * fall back to LDAP in case ie POSIX attributes
|
|
|
2fc102 |
- * are used but not replicated to GC
|
|
|
2fc102 |
- */
|
|
|
2fc102 |
- clist[cindex] = ad_ctx->ldap_ctx;
|
|
|
2fc102 |
- }
|
|
|
2fc102 |
+ clist[cindex] = ad_get_dom_ldap_conn(ad_ctx, dom);
|
|
|
2fc102 |
|
|
|
2fc102 |
return clist;
|
|
|
2fc102 |
}
|
|
|
2fc102 |
diff --git a/src/tests/cmocka/test_ad_common.c b/src/tests/cmocka/test_ad_common.c
|
|
|
2fc102 |
index 07502b82d43d730562c60125b639d8e7d1034458..bbd56b1b9b78cb78cb24726522822ad2f7ae9980 100644
|
|
|
2fc102 |
--- a/src/tests/cmocka/test_ad_common.c
|
|
|
2fc102 |
+++ b/src/tests/cmocka/test_ad_common.c
|
|
|
2fc102 |
@@ -176,8 +176,9 @@ void test_conn_list(void **state)
|
|
|
2fc102 |
assert_non_null(conn_list);
|
|
|
2fc102 |
|
|
|
2fc102 |
assert_true(conn_list[0] == test_ctx->ad_ctx->gc_ctx);
|
|
|
2fc102 |
- assert_false(conn_list[0]->ignore_mark_offline);
|
|
|
2fc102 |
- assert_null(conn_list[1]);
|
|
|
2fc102 |
+ assert_true(conn_list[0]->ignore_mark_offline);
|
|
|
2fc102 |
+ assert_true(conn_list[1] == test_ctx->subdom_ad_ctx->ldap_ctx);
|
|
|
2fc102 |
+ assert_false(conn_list[1]->ignore_mark_offline);
|
|
|
2fc102 |
talloc_free(conn_list);
|
|
|
2fc102 |
|
|
|
2fc102 |
dp_opt_set_bool(test_ctx->ad_ctx->ad_options->basic, AD_ENABLE_GC, false);
|
|
|
2fc102 |
@@ -195,7 +196,7 @@ void test_conn_list(void **state)
|
|
|
2fc102 |
conn_list = ad_gc_conn_list(test_ctx, test_ctx->ad_ctx, test_ctx->subdom);
|
|
|
2fc102 |
assert_non_null(conn_list);
|
|
|
2fc102 |
|
|
|
2fc102 |
- assert_null(conn_list[0]);
|
|
|
2fc102 |
+ assert_true(conn_list[0] == test_ctx->subdom_ad_ctx->ldap_ctx);
|
|
|
2fc102 |
talloc_free(conn_list);
|
|
|
2fc102 |
}
|
|
|
2fc102 |
|
|
|
2fc102 |
--
|
|
|
2fc102 |
1.8.4.2
|
|
|
2fc102 |
|