>From 658c7196d75293aa72242a455657b64a46d0bfa2 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Fri, 13 Sep 2013 16:06:03 +0200
Subject: [PATCH] LDAP: Use primary cn to search netgroup

Resolves:
https://fedorahosted.org/sssd/ticket/2075
---
 src/providers/ldap/sdap.c                 | 11 +++++++++++
 src/providers/ldap/sdap.h                 |  6 ++++++
 src/providers/ldap/sdap_async_netgroups.c | 16 +++++++---------
 3 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
index 7741030cc7a22cdd53c63cc02afd71eb1f4af6b0..078326ad3614ed2cd41659ea279642a46a0e24e1 100644
--- a/src/providers/ldap/sdap.c
+++ b/src/providers/ldap/sdap.c
@@ -1260,3 +1260,14 @@ errno_t sdap_get_group_primary_name(TALLOC_CTX *memctx,
                                  opts->group_map[SDAP_AT_GROUP_NAME].name,
                                  attrs, dom, _group_name);
 }
+
+errno_t sdap_get_netgroup_primary_name(TALLOC_CTX *memctx,
+                                       struct sdap_options *opts,
+                                       struct sysdb_attrs *attrs,
+                                       struct sss_domain_info *dom,
+                                       const char **_netgroup_name)
+{
+    return sdap_get_primary_name(memctx,
+                                 opts->netgroup_map[SDAP_AT_NETGROUP_NAME].name,
+                                 attrs, dom, _netgroup_name);
+}
diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index 441ac904bd2d03618376f6770304dc5c4db75923..0e886e9804f5ac8a1b782ee2d49b19973476079d 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -511,6 +511,12 @@ errno_t sdap_get_user_primary_name(TALLOC_CTX *memctx,
                                    struct sss_domain_info *dom,
                                    const char **_user_name);
 
+errno_t sdap_get_netgroup_primary_name(TALLOC_CTX *memctx,
+                                       struct sdap_options *opts,
+                                       struct sysdb_attrs *attrs,
+                                       struct sss_domain_info *dom,
+                                       const char **_netgroup_name);
+
 errno_t sdap_set_config_options_with_rootdse(struct sysdb_attrs *rootdse,
                                              struct sdap_options *opts,
                                              struct sdap_domain *sdom);
diff --git a/src/providers/ldap/sdap_async_netgroups.c b/src/providers/ldap/sdap_async_netgroups.c
index 099955a641f073b59620e7582fc33f9dcefe17b4..64d5555d354ec6baecaa4368bdd472e85fde17aa 100644
--- a/src/providers/ldap/sdap_async_netgroups.c
+++ b/src/providers/ldap/sdap_async_netgroups.c
@@ -53,15 +53,13 @@ static errno_t sdap_save_netgroup(TALLOC_CTX *memctx,
     char *timestamp = NULL;
     char **missing = NULL;
 
-    ret = sysdb_attrs_get_el(attrs,
-                             opts->netgroup_map[SDAP_AT_NETGROUP_NAME].sys_name,
-                             &el);
-    if (ret) goto fail;
-    if (el->num_values == 0) {
-        ret = EINVAL;
-        goto fail;
-    }
-    name = (const char *)el->values[0].data;
+    ret = sdap_get_netgroup_primary_name(memctx, opts, attrs, dom, &name);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_OP_FAILURE, ("Failed to get netgroup name\n"));
+            goto fail;
+        }
+
+    DEBUG(SSSDBG_TRACE_FUNC, ("Processing netgroup %s\n", name));
 
     netgroup_attrs = sysdb_new_attrs(memctx);
     if (!netgroup_attrs) {
-- 
1.8.3.1