From 64192cf7c2823ae93820623b0ae285b697fabe12 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Thu, 16 Dec 2021 11:14:18 +0100 Subject: [PATCH] ad: add required 'cn' attribute to subdomain object MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If the forest root is not part of the return trusted domain objects from the local domain controller we generate an object for further processing. During this processing it is expected that the 'cn' attribute is set and contains the name of the forest root. So far this attribute was missing and it is now added by this patch. Resolves: https://github.com/SSSD/sssd/issues/5926 Reviewed-by: Pavel Březina (cherry picked from commit bf6059eb55c8caa3111ef718db1676c96a67c084) --- src/providers/ad/ad_subdomains.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c index e4e248c1d..c92faba95 100644 --- a/src/providers/ad/ad_subdomains.c +++ b/src/providers/ad/ad_subdomains.c @@ -1649,6 +1649,13 @@ static void ad_check_root_domain_done(struct tevent_req *subreq) goto done; } + ret = sysdb_attrs_add_string(state->reply[0], AD_AT_DOMAIN_NAME, + state->forest); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, "sysdb_attrs_add_string() failed.\n"); + goto done; + } + err = sss_idmap_sid_to_bin_sid(state->idmap_ctx->map, id, &id_val.data, &id_val.length); if (err != IDMAP_SUCCESS) { -- 2.26.3