095844d AD: Implement a real getAccountDomain handler for the AD provider

3 files Authored by jhrozek 6 years ago, Committed by lslebodn 6 years ago,
    AD: Implement a real getAccountDomain handler for the AD provider
    
    After this patch, the AD provider drops the default getAccountDomain
    handler in favor of the handler added in this patch.
    
    The handler first checks if the domain is eligible for locating
    the domain of an ID with the help of the Global Catalog at all, which
    only happens if:
        - the Global Catalog is enabled
        - POSIX IDs are used, not ID-mapping
        - the Global catalog contains some POSIX IDs
    
    If all these hold true, then the Global Catalog is searched with
    an empty search base, which searches the whole GC. If a single entry
    is returned, its original DN is converted to a domain name and returned.
    
    Reviewed-by: Pavel Březina <pbrezina@redhat.com>
    Reviewed-by: Sumit Bose <sbose@redhat.com>
    
        
file modified
+469 -0
file modified
+10 -0
file modified
+2 -2