From fbf7fe9a713948eaf5e47518c776f2ad664b9e46 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 2 Sep 2015 13:41:26 +0200 Subject: [PATCH 81/87] IPA: Do not allow the AD lookup code to set backend as offline in server mode MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit https://fedorahosted.org/sssd/ticket/2637 In server mode, we should not allow the AD lookups to set the backend offline. Rather just let them report an error and deal with the error separately. Reviewed-by: Pavel Březina (cherry picked from commit 20162352030d1c577bb69d44e967d2c5839e5c0e) --- src/providers/ipa/ipa_subdomains_id.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/providers/ipa/ipa_subdomains_id.c b/src/providers/ipa/ipa_subdomains_id.c index 610b1c58b3b180201cfb5b22f870f8937673e02e..ff14b4a4c68cb5c6e9865a66931ee4ecd6e49211 100644 --- a/src/providers/ipa/ipa_subdomains_id.c +++ b/src/providers/ipa/ipa_subdomains_id.c @@ -633,6 +633,7 @@ ipa_get_ad_acct_send(TALLOC_CTX *mem_ctx, ret = ENOMEM; goto fail; } + clist[1]->ignore_mark_offline = true; break; default: clist = talloc_zero_array(req, struct sdap_id_conn_ctx *, 2); @@ -641,6 +642,7 @@ ipa_get_ad_acct_send(TALLOC_CTX *mem_ctx, goto fail; } clist[0] = ad_id_ctx->ldap_ctx; + clist[0]->ignore_mark_offline = true; clist[1] = NULL; } @@ -1036,7 +1038,11 @@ ipa_get_ad_acct_ad_part_done(struct tevent_req *subreq) ret = ad_handle_acct_info_recv(subreq, &state->dp_error, NULL); talloc_zfree(subreq); - if (ret != EOK) { + if (ret == ERR_SUBDOM_INACTIVE) { + be_mark_dom_offline(state->obj_dom, be_req_get_be_ctx(state->be_req)); + tevent_req_error(req, ret); + return; + } else if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "AD lookup failed: %d\n", ret); tevent_req_error(req, ret); return; -- 2.4.3