>From e88383846ee63339173878536072d1f82f85c3d3 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Thu, 26 Sep 2013 12:34:31 +0200 Subject: [PATCH 5/5] AD: Inherit MPG flag from parent domain Resolves: https://fedorahosted.org/sssd/ticket/2070 When ID mapping is not configured in the parent domain, the sudomains are perceived as using POSIX attributes as well and must not be set as MPG domains. --- src/providers/ad/ad_subdomains.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c index b95f4e46ad7f20382cbc07470e41ff56790f0263..1644fb4788c0eb61734d90d6687175ab91fcb40b 100644 --- a/src/providers/ad/ad_subdomains.c +++ b/src/providers/ad/ad_subdomains.c @@ -25,6 +25,7 @@ #include "providers/ldap/sdap_async.h" #include "providers/ad/ad_subdomains.h" #include "providers/ad/ad_domain_info.h" +#include "providers/ldap/sdap_idmap.h" #include "util/util_sss_idmap.h" #include #include @@ -108,6 +109,7 @@ ad_subdom_store(struct ad_subdomains_ctx *ctx, struct ldb_message_element *el; char *sid_str; uint32_t trust_type; + bool mpg; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { @@ -158,9 +160,13 @@ ad_subdom_store(struct ad_subdomains_ctx *ctx, goto done; } + mpg = sdap_idmap_domain_has_algorithmic_mapping( + ctx->sdap_id_ctx->opts->idmap_ctx, + domain->domain_id); + /* AD subdomains are currently all mpg and do not enumerate */ ret = sysdb_subdomain_store(domain->sysdb, name, realm, flat, sid_str, - true, false); + mpg, false); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("sysdb_subdomain_store failed.\n")); goto done; -- 1.8.3.1