3397341 GPO: Process GPOS in offline mode if ldap search failed

Authored and Committed by lslebodn 7 years ago
    GPO: Process GPOS in offline mode if ldap search failed
    
    Initgroup requests use global catalog for LDAP queries.
    Only port for global catalog is marked as offline
    if request fails due to problems with connection.
    However, GPO code uses standard LDAP port for
    retrieving of target DNs and other information.
    
    Previously, GPOs were processed in offline mode only
    if there were issues with connection to AD server.
    But connection can be cached and ldap search can still fail.
    
    Resolves:
    https://fedorahosted.org/sssd/ticket/2964
    
    Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
    (cherry picked from commit bdd533146cb2da71b7c39ad0efa2e5baca7257eb)
    
        
file modified
+20 -0