SSSD / sssd

Clone

27b141f ipa: use LDAP not extdom to lookup IPA users and groups

3 files Authored by sbose 4 years ago, Committed by pbrezina 4 years ago,
raw patch tree parent
3 files changed. 74 lines added. 9 lines removed.
src/providers/ipa/ipa_id.c
file modified
+2 -9
src/providers/ipa/ipa_id.h
file modified
+5 -0
src/providers/ipa/ipa_s2n_exop.c
file modified
+67 -0 
    ipa: use LDAP not extdom to lookup IPA users and groups
    
    Currently when an IPA client is resolving trusted users and groups with
    the help of the extdom plugin it uses the extdom plugin as well to
    lookup IPA objects. This might cause issues if e.g. there is a user in
    IPA with the same name as a group in AD or the other way round.
    
    To solve this and to lower the load on the extdom plugin on the IPA
    server side this patch will lookup IPA object directly from LDAP on the
    IPA server.
    
    Related to https://pagure.io/SSSD/sssd/issue/4073
    
    Reviewed-by: Pavel Březina <pbrezina@redhat.com>
file modified
+2 -9
file modified
+5 -0
file modified
+67 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.