From d34211137c7e70563b073b83d773ae18688efbbc Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Thu, 6 Mar 2014 15:37:57 +0100
Subject: [PATCH 107/107] IPA: Use GC for AD initgroup requests
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
src/providers/ipa/ipa_subdomains_id.c | 21 +++++++++++++++------
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/src/providers/ipa/ipa_subdomains_id.c b/src/providers/ipa/ipa_subdomains_id.c
index 00993c496c1d100b37a780828c81492c2fac6157..978ccc261d7525662e835b867044b6a5238a29df 100644
--- a/src/providers/ipa/ipa_subdomains_id.c
+++ b/src/providers/ipa/ipa_subdomains_id.c
@@ -307,13 +307,22 @@ ipa_get_ad_acct_send(TALLOC_CTX *mem_ctx,
/* Currently only LDAP port for AD is used because POSIX
* attributes are not replicated to GC by default
*/
- clist = talloc_zero_array(req, struct sdap_id_conn_ctx *, 2);
- if (clist == NULL) {
- ret = ENOMEM;
- goto fail;
+
+ if ((state->ar->entry_type & BE_REQ_TYPE_MASK) == BE_REQ_INITGROUPS) {
+ clist = ad_gc_conn_list(req, ad_id_ctx, state->user_dom);
+ if (clist == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+ } else {
+ clist = talloc_zero_array(req, struct sdap_id_conn_ctx *, 2);
+ if (clist == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+ clist[0] = ad_id_ctx->ldap_ctx;
+ clist[1] = NULL;
}
- clist[0] = ad_id_ctx->ldap_ctx;
- clist[1] = NULL;
/* Now we already need ad_id_ctx in particular sdap_id_conn_ctx */
sdom = sdap_domain_get(sdap_id_ctx->opts, state->user_dom);
--
1.8.5.3