Instead of failing the group lookup, just skip them. This was impacting some users of ActiveDirectory where not all users had the appropriate attributes.
Fixes https://fedorahosted.org/sssd/ticket/1169
From 1ef67dec13388b16b6615e355eab5078261a4eb6 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher <sgall...@redhat.com> Date: Thu, 16 Feb 2012 09:26:33 -0500 Subject: [PATCH] LDAP: Ignore group member users that do not have name attributes Instead of failing the group lookup, just skip them. This was impacting some users of ActiveDirectory where not all users had the appropriate attributes. https://fedorahosted.org/sssd/ticket/1169 --- src/providers/ldap/sdap_async_groups.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index 061a99c8e49757ceeaaee67e5537ddb930012e7a..aefe3538587a89816ea0750a0b49ef0e863d7965 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -1685,8 +1685,8 @@ static errno_t sdap_nested_group_populate_users(struct sysdb_ctx *sysdb, opts->user_map[SDAP_AT_USER_NAME].name, &username); if (ret != EOK) { - DEBUG(1, ("User entry %d has no name attribute\n", i)); - goto done; + DEBUG(1, ("User entry %d has no name attribute. Skipping\n", i)); + continue; } ret = sysdb_attrs_get_el(users[i], SYSDB_ORIG_DN, &el); -- 1.7.7.6
signature.asc
Description: This is a digitally signed message part
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel