80 lines
3.0 KiB
Diff
80 lines
3.0 KiB
Diff
From 82096e7e4a6ccaf8a2828ddfc77a04c930a14148 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Michal=20=C5=BDidek?= <mzidek@redhat.com>
|
|
Date: Wed, 4 Apr 2018 13:24:21 +0200
|
|
Subject: [PATCH] GPO: Use AD site override if set
|
|
|
|
Use AD site override if it was set in SSSD configuration.
|
|
|
|
Resolves:
|
|
https://pagure.io/SSSD/sssd/issue/3646
|
|
|
|
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
(cherry picked from commit 744e2b4d0710c1dc850bfadbd75ae1ae7faf1148)
|
|
---
|
|
src/providers/ad/ad_gpo.c | 33 ++++++++++++++++++++++++++++++---
|
|
1 file changed, 30 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/providers/ad/ad_gpo.c b/src/providers/ad/ad_gpo.c
|
|
index 028f6a2e7..a48f264c7 100644
|
|
--- a/src/providers/ad/ad_gpo.c
|
|
+++ b/src/providers/ad/ad_gpo.c
|
|
@@ -2806,7 +2806,8 @@ ad_gpo_site_name_retrieval_done(struct tevent_req *subreq)
|
|
struct tevent_req *req;
|
|
struct ad_gpo_process_som_state *state;
|
|
int ret;
|
|
- char *site;
|
|
+ char *site = NULL;
|
|
+ char *site_override = NULL;
|
|
const char *attrs[] = {AD_AT_CONFIG_NC, NULL};
|
|
|
|
req = tevent_req_callback_data(subreq, struct tevent_req);
|
|
@@ -2817,17 +2818,43 @@ ad_gpo_site_name_retrieval_done(struct tevent_req *subreq)
|
|
talloc_zfree(subreq);
|
|
|
|
if (ret != EOK || site == NULL) {
|
|
- DEBUG(SSSDBG_OP_FAILURE, "Cannot retrieve master domain info\n");
|
|
+ DEBUG(SSSDBG_TRACE_FUNC,
|
|
+ "Could not autodiscover AD site. This is not fatal if "
|
|
+ "ad_site option was set.\n");
|
|
+ }
|
|
+
|
|
+ site_override = dp_opt_get_string(state->ad_options, AD_SITE);
|
|
+ if (site_override != NULL) {
|
|
+ DEBUG(SSSDBG_TRACE_FUNC,
|
|
+ "Overriding autodiscovered AD site value '%s' with '%s' from "
|
|
+ "configuration.\n", site ? site : "none", site_override);
|
|
+ }
|
|
+
|
|
+ if (site == NULL && site_override == NULL) {
|
|
+ sss_log(SSS_LOG_WARNING,
|
|
+ "Could not autodiscover AD site value using DNS and ad_site "
|
|
+ "option was not set in configuration. GPO will not work. "
|
|
+ "To work around this issue you can use ad_site option in SSSD "
|
|
+ "configuration.");
|
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
|
+ "Could not autodiscover AD site value using DNS and ad_site "
|
|
+ "option was not set in configuration. GPO will not work. "
|
|
+ "To work around this issue you can use ad_site option in SSSD "
|
|
+ "configuration.\n");
|
|
tevent_req_error(req, ENOENT);
|
|
return;
|
|
}
|
|
|
|
- state->site_name = talloc_asprintf(state, "cn=%s", site);
|
|
+ state->site_name = talloc_asprintf(state, "cn=%s",
|
|
+ site_override ? site_override
|
|
+ : site);
|
|
if (state->site_name == NULL) {
|
|
tevent_req_error(req, ENOMEM);
|
|
return;
|
|
}
|
|
|
|
+ DEBUG(SSSDBG_TRACE_FUNC, "Using AD site '%s'.\n", state->site_name);
|
|
+
|
|
/*
|
|
* note: the configNC attribute is being retrieved here from the rootDSE
|
|
* entry. In future, since we already make an LDAP query for the rootDSE
|
|
--
|
|
2.14.3
|
|
|