SSSD / sssd

Clone

9bd757c Ghost members - support in LDAP provider

1 file Authored by jzeleny 11 years ago, Committed by sgallagh 11 years ago,
raw patch tree parent
1 file changed. 286 lines added. 186 lines removed.
src/providers/ldap/sdap_async_groups.c
file modified
+286 -186 
    Ghost members - support in LDAP provider
    
    The original approach was to store name and original DN in an object in
    sysdb. When later referenced as member of a group, it was retrieved by
    its original DN and the correct information about its sysdb DN was
    stored in the group object which referenced it.
    
    The new approach doesn't use fake user objects, therefore this
    information has to be reached differently when constructing group
    memberships. The approach is to store all users to a hash table where
    original DN is used as the key and username as value. When constructing
    group memberships, the name is retrieved from this hash table instead of
    sysdb. This hash table is constructed when retrieving user objects from
    LDAP server - if the user is not present in sysdb, it is automatically
    stored in the hash table.
    
    Another situation is for rfc2307. Because there is no nesting there, we
    can construct the SYSDB_GHOST attribute directly and therefore don't
    need a hash table of ghost users.
file modified
+286 -186
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.