From abbbcb79ff0c5b82d7a3acb324c3d44f87479837 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Mon, 12 Sep 2016 17:36:09 +0200
Subject: [PATCH 136/140] LDAP: Return partial results from adminlimit exceeded
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Resolves:
    https://fedorahosted.org/sssd/ticket/3185

Since commit c420ce830ac0b0b288a2a887ec2cfce5c748018c we try to move to
the next server on any error on the connection, which in case there is
only one server sends SSSD offline.

It's more graceful to try to process the results, same as we already do
with sizelimit exceeded.

Reviewed-by: Michal Židek <mzidek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
(cherry picked from commit 3319d964721396c07daba383ded6aaaf33ed6e3b)
---
 src/providers/ldap/sdap_async.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
index 4195ba95d911f3956f8cca665310b4b92091e6cd..b8e04b9d8464d7c2c681080cba456c34b93b923a 100644
--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
@@ -1526,7 +1526,8 @@ static void sdap_get_generic_op_finished(struct sdap_op *op,
                   sss_ldap_err2string(result), result,
                   errmsg ? errmsg : "no errmsg set");
 
-        if (result == LDAP_SIZELIMIT_EXCEEDED) {
+        if (result == LDAP_SIZELIMIT_EXCEEDED
+                || result == LDAP_ADMINLIMIT_EXCEEDED) {
             /* Try to return what we've got */
 
             if ( ! (state->flags & SDAP_SRCH_FLG_SIZELIMIT_SILENT)) {
-- 
2.7.4