From 42a3ceef28c4e3b629298efea00b57d41356a177 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Feb 17 2012 16:10:04 +0000
Subject: LDAP: Ignore group member users that do not have name attributes


Instead of failing the group lookup, just skip them. This was
impacting some users of ActiveDirectory where not all users had
the appropriate attributes.

https://fedorahosted.org/sssd/ticket/1169

---

diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
index 061a99c..aefe353 100644
--- a/src/providers/ldap/sdap_async_groups.c
+++ b/src/providers/ldap/sdap_async_groups.c
@@ -1685,8 +1685,8 @@ static errno_t sdap_nested_group_populate_users(struct sysdb_ctx *sysdb,
                                     opts->user_map[SDAP_AT_USER_NAME].name,
                                     &username);
         if (ret != EOK) {
-            DEBUG(1, ("User entry %d has no name attribute\n", i));
-            goto done;
+            DEBUG(1, ("User entry %d has no name attribute. Skipping\n", i));
+            continue;
         }
 
         ret = sysdb_attrs_get_el(users[i], SYSDB_ORIG_DN, &el);