SSSD / sssd

Clone

5e1641b AD/LDAP: Do not misuse the ignore_mark_offline to check if a connection needs to be checked for POSIX attribute presence

3 files Authored by jhrozek 5 years ago, Committed by fidencio 5 years ago,
raw patch tree parent
3 files changed. 5 lines added. 1 lines removed.
src/providers/ad/ad_common.c
file modified
+2 -0
src/providers/ldap/ldap_common.c
file modified
+1 -1
src/providers/ldap/ldap_common.h
file modified
+2 -0 
    AD/LDAP: Do not misuse the ignore_mark_offline to check if a connection needs to be checked for POSIX attribute presence
    
    The logic behind deciding whether to check if a server contains any
    POSIX attributes used the ignore_mark_offline flag. This was OK for some
    time, because this flag was only set for to true for Global Catalog
    connections, which are those that we need to check.
    
    However, in recent releases, the flag was also set for any connection
    towards a trusted domain. This had the unintended effect that any
    lookup, LDAP or GC against a trusted domain ran the wide POSIX presence
    check.
    
    Resolves:
    https://pagure.io/SSSD/sssd/issue/3754
    
    Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
file modified
+2 -0
file modified
+1 -1
file modified
+2 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.