SSSD / sssd

Clone

560b624 GPO: use SDAP_SASL_AUTHID as samAccountName

1 file Authored by sbose 8 years ago, Committed by jhrozek 8 years ago,
raw patch tree parent
1 file changed. 4 lines added. 3 lines removed.
src/providers/ad/ad_gpo.c
file modified
+4 -3 
    GPO: use SDAP_SASL_AUTHID as samAccountName
    
    The samAccountName for AD hosts is the hosts NetBIOS name with a
    trailing $. Since there is a size limit on NetBIOS names long DNS names
    must be truncated to find a matching entry in the AD LDAP tree.
    
    The NetBIOS name is already needed during kinit/SASL bind where the
    SDAP_SASL_AUTHID config option is used. Since the GPO lookup code is
    only reached after the SASL bind was successful we can safely assume
    that the name is correct and use it for the GPO lookup.
    
    Resolves https://fedorahosted.org/sssd/ticket/2692
    
    Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
file modified
+4 -3
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.