From ccf48aa7761065283483d667f3efaf33b5b2a728 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Tue, 1 Dec 2020 14:12:33 +0100 Subject: [PATCH 1/3] service: make sure use_ldaps is not only set for automatic join The check if ldaps is requested or not was only called if an automatic join was enabled. With this patch it is checked in all cases. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1826964 --- service/realm-sssd-ad.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/service/realm-sssd-ad.c b/service/realm-sssd-ad.c index 00a9093..ea5f28c 100644 --- a/service/realm-sssd-ad.c +++ b/service/realm-sssd-ad.c @@ -349,19 +349,6 @@ parse_join_options (JoinClosure *join, return FALSE; } - /* - * Check if ldaps should be used and if membership software supports - * it. - */ - join->use_ldaps = realm_option_use_ldaps (options); - if (join->use_ldaps && - g_str_equal (software, REALM_DBUS_IDENTIFIER_SAMBA)) { - realm_diagnostics_info (join->invocation, - "Membership software %s does " - "not support ldaps, trying " - "without.", software); - } - /* * If we are enrolling with a user password, then we have to use samba, * adcli only supports admin passwords. @@ -393,6 +380,19 @@ parse_join_options (JoinClosure *join, g_assert (software != NULL); + /* + * Check if ldaps should be used and if membership software supports + * it. + */ + join->use_ldaps = realm_option_use_ldaps (options); + if (join->use_ldaps && + g_str_equal (software, REALM_DBUS_IDENTIFIER_SAMBA)) { + realm_diagnostics_info (join->invocation, + "Membership software %s does " + "not support ldaps, trying " + "without.", software); + } + if (g_str_equal (software, REALM_DBUS_IDENTIFIER_ADCLI)) { join->use_adcli = TRUE; join->packages = ADCLI_PACKAGES; -- 2.28.0