ipaserver/dcerpc: store forest topology as a blob in ipasam

winbindd expects forest topology information blob to find out child domains. We should store it in LDAP and let ipasam to retrieve it. In fact, ipasam already supports updating and loading this information but during 'ipa trust-fetch-domains' we didn't provide it. Make sure the blob is preserved after it was retrieved and also updated when we fetch forest topology information. Fixes: https://pagure.io/freeipa/issue/8576 Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2025-02-25 18:55:28 -06:00 · 2021-01-18 17:51:43 +02:00
parent 08d7d90ab0
commit 214aeb7243
2 changed files with 94 additions and 29 deletions
--- a/ipaserver/plugins/trust.py
+++ b/ipaserver/plugins/trust.py
@@ -1744,6 +1744,9 @@ def add_new_domains_from_trust(myapi, trustinstance, trust_entry,
        tlns = entry.get('ipantadditionalsuffixes', [])
        tlns.extend(x for x in suffixes if x not in tlns)
        entry['ipantadditionalsuffixes'] = tlns
+        ftidata = domains.get('ftinfo_data', None)
+        if ftidata is not None:
+            entry['ipanttrustforesttrustinfo'] = [ftidata]
        ldap.update_entry(entry)
    except errors.EmptyModlist:
        pass