Hi,
see the attached patch. You can use Lukas' integration tests to help
with review.
>From 46a705afa5c04399e8ae41bfa98836cf40803f0f Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Wed, 3 Aug 2016 13:18:51 +0200
Subject: [PATCH] LDAP: Use FQDN when linking parent LDAP groups
Resolves:
https://fedorahosted.org/sssd/ticket/3093
Because we compare the list of LDAP names with the list of sysdb names,
we need to qualify the list of LDAP names before running the diff.
---
src/providers/ldap/sdap_async_initgroups.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/providers/ldap/sdap_async_initgroups.c
b/src/providers/ldap/sdap_async_initgroups.c
index
cc63dff781338e33a9802f97d98174fce2167b4b..82c708c226bf1a645ff5a395947dfdbad71e0f1f
100644
--- a/src/providers/ldap/sdap_async_initgroups.c
+++ b/src/providers/ldap/sdap_async_initgroups.c
@@ -2080,7 +2080,7 @@ rfc2307bis_group_memberships_build(hash_entry_t *item,
void *user_data)
}
if (group->parents_count > 0) {
- ret = sysdb_attrs_primary_name_list(mstate->dom, tmp_ctx,
+ ret = sysdb_attrs_primary_fqdn_list(mstate->dom, tmp_ctx,
group->ldap_parents, group->parents_count,
mstate->opts->group_map[SDAP_AT_GROUP_NAME].name,
&ldap_parents_names_list);
--
2.4.11
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org
