Hi,
recently the uuid attributes were removed because they were not used and
caused issues. With views and overrides they will be used at least in
the IPA case. This patch set reverts the removal and fixes the default
values to avoid issues like https://fedorahosted.org/sssd/ticket/2383 .
bye,
Sumit
From 69808618beb3802375ddf64580cf437bb6cd184e Mon Sep 17 00:00:00 2001
From: Sumit Bose <sb...@redhat.com>
Date: Wed, 5 Nov 2014 17:35:45 +0100
Subject: [PATCH 1/3] Revert "LDAP: Remove unused option ldap_user_uuid"
This reverts commit dfb2960ab251f609466fa660449703835c97f99a.
---
src/config/SSSDConfig/__init__.py.in | 1 +
src/config/SSSDConfig/sssd_upgrade_config.py | 1 +
src/config/etc/sssd.api.d/sssd-ad.conf | 1 +
src/config/etc/sssd.api.d/sssd-ipa.conf | 1 +
src/config/etc/sssd.api.d/sssd-ldap.conf | 1 +
src/man/sssd-ldap.5.xml | 13 +++++++++++++
src/providers/ad/ad_opts.h | 1 +
src/providers/ipa/ipa_opts.h | 1 +
src/providers/ldap/ldap_opts.h | 4 ++++
src/providers/ldap/sdap.h | 1 +
10 files changed, 25 insertions(+)
diff --git a/src/config/SSSDConfig/__init__.py.in
b/src/config/SSSDConfig/__init__.py.in
index b4560ea..73195bc 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -272,6 +272,7 @@ option_strings = {
'ldap_user_gecos' : _('GECOS attribute'),
'ldap_user_home_directory' : _('Home directory attribute'),
'ldap_user_shell' : _('Shell attribute'),
+ 'ldap_user_uuid' : _('UUID attribute'),
'ldap_user_objectsid' : _("objectSID attribute"),
'ldap_user_primary_group' : _('Active Directory primary group attribute
for ID-mapping'),
'ldap_user_principal' : _('User principal attribute (for Kerberos)'),
diff --git a/src/config/SSSDConfig/sssd_upgrade_config.py
b/src/config/SSSDConfig/sssd_upgrade_config.py
index 3d9f788..97be654 100644
--- a/src/config/SSSDConfig/sssd_upgrade_config.py
+++ b/src/config/SSSDConfig/sssd_upgrade_config.py
@@ -170,6 +170,7 @@ class SSSDConfigFile(SSSDChangeConf):
'ldap_user_gecos' : 'userGecos',
'ldap_user_home_directory' : 'userHomeDirectory',
'ldap_user_shell' : 'userShell',
+ 'ldap_user_uuid' : 'userUUID',
'ldap_user_principal' : 'userPrincipal',
'ldap_force_upper_case_realm' : 'force_upper_case_realm',
'ldap_user_fullname' : 'userFullname',
diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf
b/src/config/etc/sssd.api.d/sssd-ad.conf
index 5dd4fb4..f8b200e 100644
--- a/src/config/etc/sssd.api.d/sssd-ad.conf
+++ b/src/config/etc/sssd.api.d/sssd-ad.conf
@@ -72,6 +72,7 @@ ldap_user_gid_number = str, None, false
ldap_user_gecos = str, None, false
ldap_user_home_directory = str, None, false
ldap_user_shell = str, None, false
+ldap_user_uuid = str, None, false
ldap_user_objectsid = str, None, false
ldap_user_primary_group = str, None, false
ldap_user_principal = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf
b/src/config/etc/sssd.api.d/sssd-ipa.conf
index 8713385..91dc9ec 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -69,6 +69,7 @@ ldap_user_gid_number = str, None, false
ldap_user_gecos = str, None, false
ldap_user_home_directory = str, None, false
ldap_user_shell = str, None, false
+ldap_user_uuid = str, None, false
ldap_user_objectsid = str, None, false
ldap_user_primary_group = str, None, false
ldap_user_principal = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf
b/src/config/etc/sssd.api.d/sssd-ldap.conf
index 29276bf..68d5b49 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -56,6 +56,7 @@ ldap_user_gid_number = str, None, false
ldap_user_gecos = str, None, false
ldap_user_home_directory = str, None, false
ldap_user_shell = str, None, false
+ldap_user_uuid = str, None, false
ldap_user_objectsid = str, None, false
ldap_user_primary_group = str, None, false
ldap_user_principal = str, None, false
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index 9a9410b..24bc34d 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -338,6 +338,19 @@
</varlistentry>
<varlistentry>
+ <term>ldap_user_uuid (string)</term>
+ <listitem>
+ <para>
+ The LDAP attribute that contains the UUID/GUID of
+ an LDAP user object.
+ </para>
+ <para>
+ Default: nsUniqueId
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term>ldap_user_objectsid (string)</term>
<listitem>
<para>
diff --git a/src/providers/ad/ad_opts.h b/src/providers/ad/ad_opts.h
index 452516c..ee70b3c 100644
--- a/src/providers/ad/ad_opts.h
+++ b/src/providers/ad/ad_opts.h
@@ -187,6 +187,7 @@ struct sdap_attr_map ad_2008r2_user_map[] = {
{ "ldap_user_principal", "userPrincipalName", SYSDB_UPN, NULL },
{ "ldap_user_fullname", "name", SYSDB_FULLNAME, NULL },
{ "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
+ { "ldap_user_uuid", "objectGUID", SYSDB_UUID, NULL },
{ "ldap_user_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_user_primary_group", "primaryGroupID", SYSDB_PRIMARY_GROUP, NULL },
{ "ldap_user_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL },
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
index 473eca4..3fe858c 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.h
@@ -178,6 +178,7 @@ struct sdap_attr_map ipa_user_map[] = {
{ "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL },
{ "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL },
{ "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
+ { "ldap_user_uuid", "nsUniqueId", SYSDB_UUID, NULL },
{ "ldap_user_objectsid", "ipaNTSecurityIdentifier", SYSDB_SID_STR, NULL },
{ "ldap_user_primary_group", NULL, SYSDB_PRIMARY_GROUP, NULL },
{ "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h
index 61e3309..2e93741 100644
--- a/src/providers/ldap/ldap_opts.h
+++ b/src/providers/ldap/ldap_opts.h
@@ -155,6 +155,7 @@ struct sdap_attr_map rfc2307_user_map[] = {
{ "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL },
{ "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL },
{ "ldap_user_member_of", NULL, SYSDB_MEMBEROF, NULL },
+ { "ldap_user_uuid", NULL, SYSDB_UUID, NULL },
{ "ldap_user_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_user_primary_group", NULL, SYSDB_PRIMARY_GROUP, NULL },
{ "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
@@ -207,6 +208,8 @@ struct sdap_attr_map rfc2307bis_user_map[] = {
{ "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL },
{ "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL },
{ "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
+ /* FIXME: this is 389ds specific */
+ { "ldap_user_uuid", "nsUniqueId", SYSDB_UUID, NULL },
{ "ldap_user_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_user_primary_group", NULL, SYSDB_PRIMARY_GROUP, NULL },
{ "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
@@ -259,6 +262,7 @@ struct sdap_attr_map gen_ad2008r2_user_map[] = {
{ "ldap_user_principal", "userPrincipalName", SYSDB_UPN, NULL },
{ "ldap_user_fullname", "name", SYSDB_FULLNAME, NULL },
{ "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
+ { "ldap_user_uuid", "objectGUID", SYSDB_UUID, NULL },
{ "ldap_user_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_user_primary_group", "primaryGroupID", SYSDB_PRIMARY_GROUP, NULL },
{ "ldap_user_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL },
diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index e9e2356..906fd74 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -256,6 +256,7 @@ enum sdap_user_attrs {
SDAP_AT_USER_PRINC,
SDAP_AT_USER_FULLNAME,
SDAP_AT_USER_MEMBEROF,
+ SDAP_AT_USER_UUID,
SDAP_AT_USER_OBJECTSID,
SDAP_AT_USER_PRIMARY_GROUP,
SDAP_AT_USER_MODSTAMP,
--
1.8.3.1
From dfe5026f15b425b2114fff4d2731305d07eb0bb3 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sb...@redhat.com>
Date: Wed, 5 Nov 2014 17:38:05 +0100
Subject: [PATCH 2/3] Revert "LDAP: Remove unused option ldap_group_uuid"
This reverts commit b5242c146cc0ca96e2b898a74fb060efda15bc77.
---
src/config/SSSDConfig/__init__.py.in | 1 +
src/config/SSSDConfig/sssd_upgrade_config.py | 1 +
src/config/etc/sssd.api.d/sssd-ad.conf | 1 +
src/config/etc/sssd.api.d/sssd-ipa.conf | 1 +
src/config/etc/sssd.api.d/sssd-ldap.conf | 1 +
src/man/sssd-ldap.5.xml | 13 +++++++++++++
src/providers/ad/ad_opts.h | 1 +
src/providers/ipa/ipa_opts.h | 1 +
src/providers/ldap/ldap_opts.h | 4 ++++
src/providers/ldap/sdap.h | 1 +
10 files changed, 25 insertions(+)
diff --git a/src/config/SSSDConfig/__init__.py.in
b/src/config/SSSDConfig/__init__.py.in
index 73195bc..283ed2d 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -309,6 +309,7 @@ option_strings = {
'ldap_group_pwd' : _('Group password'),
'ldap_group_gid_number' : _('GID attribute'),
'ldap_group_member' : _('Group member attribute'),
+ 'ldap_group_uuid' : _('Group UUID attribute'),
'ldap_group_objectsid' : _("objectSID attribute"),
'ldap_group_modify_timestamp' : _('Modification time attribute for
groups'),
'ldap_group_type' : _('Type of the group and other flags'),
diff --git a/src/config/SSSDConfig/sssd_upgrade_config.py
b/src/config/SSSDConfig/sssd_upgrade_config.py
index 97be654..33d9fed 100644
--- a/src/config/SSSDConfig/sssd_upgrade_config.py
+++ b/src/config/SSSDConfig/sssd_upgrade_config.py
@@ -184,6 +184,7 @@ class SSSDConfigFile(SSSDChangeConf):
'ldap_group_pwd' : 'userPassword',
'ldap_group_gid_number' : 'groupGidNumber',
'ldap_group_member' : 'groupMember',
+ 'ldap_group_uuid' : 'groupUUID',
'ldap_group_modify_timestamp' : 'modifyTimestamp',
'ldap_network_timeout' : 'network_timeout',
'ldap_offline_timeout' : 'offline_timeout',
diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf
b/src/config/etc/sssd.api.d/sssd-ad.conf
index f8b200e..3daa256 100644
--- a/src/config/etc/sssd.api.d/sssd-ad.conf
+++ b/src/config/etc/sssd.api.d/sssd-ad.conf
@@ -98,6 +98,7 @@ ldap_group_object_class = str, None, false
ldap_group_name = str, None, false
ldap_group_gid_number = str, None, false
ldap_group_member = str, None, false
+ldap_group_uuid = str, None, false
ldap_group_objectsid = str, None, false
ldap_group_modify_timestamp = str, None, false
ldap_group_entry_usn = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf
b/src/config/etc/sssd.api.d/sssd-ipa.conf
index 91dc9ec..5df5258 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -95,6 +95,7 @@ ldap_group_object_class = str, None, false
ldap_group_name = str, None, false
ldap_group_gid_number = str, None, false
ldap_group_member = str, None, false
+ldap_group_uuid = str, None, false
ldap_group_objectsid = str, None, false
ldap_group_modify_timestamp = str, None, false
ldap_group_entry_usn = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf
b/src/config/etc/sssd.api.d/sssd-ldap.conf
index 68d5b49..ba5f56f 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -90,6 +90,7 @@ ldap_group_object_class = str, None, false
ldap_group_name = str, None, false
ldap_group_gid_number = str, None, false
ldap_group_member = str, None, false
+ldap_group_uuid = str, None, false
ldap_group_objectsid = str, None, false
ldap_group_modify_timestamp = str, None, false
ldap_group_entry_usn = str, None, false
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index 24bc34d..f45522b 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -859,6 +859,19 @@
</varlistentry>
<varlistentry>
+ <term>ldap_group_uuid (string)</term>
+ <listitem>
+ <para>
+ The LDAP attribute that contains the UUID/GUID of
+ an LDAP group object.
+ </para>
+ <para>
+ Default: nsUniqueId
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term>ldap_group_objectsid (string)</term>
<listitem>
<para>
diff --git a/src/providers/ad/ad_opts.h b/src/providers/ad/ad_opts.h
index ee70b3c..ac6006c 100644
--- a/src/providers/ad/ad_opts.h
+++ b/src/providers/ad/ad_opts.h
@@ -221,6 +221,7 @@ struct sdap_attr_map ad_2008r2_group_map[] = {
{ "ldap_group_pwd", NULL, SYSDB_PWD, NULL },
{ "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
{ "ldap_group_member", "member", SYSDB_MEMBER, NULL },
+ { "ldap_group_uuid", "objectGUID", SYSDB_UUID, NULL },
{ "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_group_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL
},
{ "ldap_group_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
index 3fe858c..e0478db 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.h
@@ -212,6 +212,7 @@ struct sdap_attr_map ipa_group_map[] = {
{ "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
{ "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
{ "ldap_group_member", "member", SYSDB_MEMBER, NULL },
+ { "ldap_group_uuid", "nsUniqueId", SYSDB_UUID, NULL },
{ "ldap_group_objectsid", "ipaNTSecurityIdentifier", SYSDB_SID_STR, NULL },
{ "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
{ "ldap_group_entry_usn", NULL, SYSDB_USN, NULL },
diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h
index 2e93741..096a63b 100644
--- a/src/providers/ldap/ldap_opts.h
+++ b/src/providers/ldap/ldap_opts.h
@@ -189,6 +189,7 @@ struct sdap_attr_map rfc2307_group_map[] = {
{ "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
{ "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
{ "ldap_group_member", "memberuid", SYSDB_MEMBER, NULL },
+ { "ldap_group_uuid", NULL, SYSDB_UUID, NULL },
{ "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
{ "ldap_group_entry_usn", NULL, SYSDB_USN, NULL },
@@ -243,6 +244,8 @@ struct sdap_attr_map rfc2307bis_group_map[] = {
{ "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
{ "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
{ "ldap_group_member", "member", SYSDB_MEMBER, NULL },
+ /* FIXME: this is 389ds specific */
+ { "ldap_group_uuid", "nsUniqueId", SYSDB_UUID, NULL },
{ "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
{ "ldap_group_entry_usn", NULL, SYSDB_USN, NULL },
@@ -296,6 +299,7 @@ struct sdap_attr_map gen_ad2008r2_group_map[] = {
{ "ldap_group_pwd", NULL, SYSDB_PWD, NULL },
{ "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
{ "ldap_group_member", "member", SYSDB_MEMBER, NULL },
+ { "ldap_group_uuid", "objectGUID", SYSDB_UUID, NULL },
{ "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_group_modify_timestamp", "whenChanged", SYSDB_ORIG_MODSTAMP, NULL
},
{ "ldap_group_entry_usn", SDAP_AD_USN, SYSDB_USN, NULL },
diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index 906fd74..aa10623 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -295,6 +295,7 @@ enum sdap_group_attrs {
SDAP_AT_GROUP_PWD,
SDAP_AT_GROUP_GID,
SDAP_AT_GROUP_MEMBER,
+ SDAP_AT_GROUP_UUID,
SDAP_AT_GROUP_OBJECTSID,
SDAP_AT_GROUP_MODSTAMP,
SDAP_AT_GROUP_USN,
--
1.8.3.1
From 50cd6b3aa9b16a8f95a2c1e3da438c2176ddba1d Mon Sep 17 00:00:00 2001
From: Sumit Bose <sb...@redhat.com>
Date: Wed, 5 Nov 2014 18:01:07 +0100
Subject: [PATCH 3/3] Fix uuid defaults
Recently the uuid attributes for user and groups were removed because
it was found that there are not used at all and that some of them where
causing issues (https://fedorahosted.org/sssd/ticket/2383).
The new views/overrides feature of FreeIPA uses the ipaUniqueID attribute
to relate overrides with the original IPA objects. The previous two
patches revert the removal of the uuid attributes from users and groups
with this patch set the default value of these attributes to
ipaUniqueID from the IPA provider, to objectGUID for the AD provider and
leaves them unset for the general LDAP case to avoid issues like the one
from ticket #2383.
Related to https://fedorahosted.org/sssd/ticket/2481
---
src/man/sssd-ldap.5.xml | 6 ++++--
src/providers/ipa/ipa_opts.h | 4 ++--
src/providers/ldap/ldap_opts.h | 6 ++----
3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
index f45522b..dad6f27 100644
--- a/src/man/sssd-ldap.5.xml
+++ b/src/man/sssd-ldap.5.xml
@@ -345,7 +345,8 @@
an LDAP user object.
</para>
<para>
- Default: nsUniqueId
+ Default: not set in the general case, objectGUID
for
+ AD and ipaUniqueID for IPA
</para>
</listitem>
</varlistentry>
@@ -866,7 +867,8 @@
an LDAP group object.
</para>
<para>
- Default: nsUniqueId
+ Default: not set in the general case, objectGUID
for
+ AD and ipaUniqueID for IPA
</para>
</listitem>
</varlistentry>
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
index e0478db..59282e8 100644
--- a/src/providers/ipa/ipa_opts.h
+++ b/src/providers/ipa/ipa_opts.h
@@ -178,7 +178,7 @@ struct sdap_attr_map ipa_user_map[] = {
{ "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL },
{ "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL },
{ "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
- { "ldap_user_uuid", "nsUniqueId", SYSDB_UUID, NULL },
+ { "ldap_user_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
{ "ldap_user_objectsid", "ipaNTSecurityIdentifier", SYSDB_SID_STR, NULL },
{ "ldap_user_primary_group", NULL, SYSDB_PRIMARY_GROUP, NULL },
{ "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
@@ -212,7 +212,7 @@ struct sdap_attr_map ipa_group_map[] = {
{ "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
{ "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
{ "ldap_group_member", "member", SYSDB_MEMBER, NULL },
- { "ldap_group_uuid", "nsUniqueId", SYSDB_UUID, NULL },
+ { "ldap_group_uuid", "ipaUniqueID", SYSDB_UUID, NULL },
{ "ldap_group_objectsid", "ipaNTSecurityIdentifier", SYSDB_SID_STR, NULL },
{ "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
{ "ldap_group_entry_usn", NULL, SYSDB_USN, NULL },
diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h
index 096a63b..29d9faf 100644
--- a/src/providers/ldap/ldap_opts.h
+++ b/src/providers/ldap/ldap_opts.h
@@ -209,8 +209,7 @@ struct sdap_attr_map rfc2307bis_user_map[] = {
{ "ldap_user_principal", "krbPrincipalName", SYSDB_UPN, NULL },
{ "ldap_user_fullname", "cn", SYSDB_FULLNAME, NULL },
{ "ldap_user_member_of", "memberOf", SYSDB_MEMBEROF, NULL },
- /* FIXME: this is 389ds specific */
- { "ldap_user_uuid", "nsUniqueId", SYSDB_UUID, NULL },
+ { "ldap_user_uuid", NULL, SYSDB_UUID, NULL },
{ "ldap_user_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_user_primary_group", NULL, SYSDB_PRIMARY_GROUP, NULL },
{ "ldap_user_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
@@ -244,8 +243,7 @@ struct sdap_attr_map rfc2307bis_group_map[] = {
{ "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
{ "ldap_group_gid_number", "gidNumber", SYSDB_GIDNUM, NULL },
{ "ldap_group_member", "member", SYSDB_MEMBER, NULL },
- /* FIXME: this is 389ds specific */
- { "ldap_group_uuid", "nsUniqueId", SYSDB_UUID, NULL },
+ { "ldap_group_uuid", NULL, SYSDB_UUID, NULL },
{ "ldap_group_objectsid", "objectSID", SYSDB_SID, NULL },
{ "ldap_group_modify_timestamp", "modifyTimestamp", SYSDB_ORIG_MODSTAMP,
NULL },
{ "ldap_group_entry_usn", NULL, SYSDB_USN, NULL },
--
1.8.3.1
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
