IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-25 16:31:08 -06:00
Code Issues Packages Projects Releases Wiki Activity

ipa_range_check: Do not fail when no trusted domain is available

Browse Source 
When building the domain to forest root map, we need to take the case
of IPA server having no trusted domains configured at all. Do not abort
the checks, but return an empty map instead.

Part of: https://fedorahosted.org/freeipa/ticket/4137

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Tomas Babej 2014-04-16 17:26:07 +02:00 committed by Martin Kosek
parent 246e722b4f
commit 6c8b40afb5
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
daemons/ipa-slapi-plugins/ipa-range-check/ipa_range_check.c
View File

@ -173,6 +173,8 @@ static int build_domain_to_forest_root_map(struct domain_info **head,
int search_result; int search_result;
int ret = 0; int ret = 0;
LOG("Building forest root map \n");
/* Set the base DN for the search to cn=ad, cn=trusts, $SUFFIX */ /* Set the base DN for the search to cn=ad, cn=trusts, $SUFFIX */
ret = asprintf(&base, "cn=ad,cn=trusts,%s", ctx->base_dn); ret = asprintf(&base, "cn=ad,cn=trusts,%s", ctx->base_dn);
if (ret == -1) { if (ret == -1) {
@ -211,8 +213,14 @@ static int build_domain_to_forest_root_map(struct domain_info **head,
ret = slapi_pblock_get(trusted_domain_search_pb, SLAPI_PLUGIN_INTOP_RESULT, &search_result); ret = slapi_pblock_get(trusted_domain_search_pb, SLAPI_PLUGIN_INTOP_RESULT, &search_result);
if (ret != 0 || search_result != LDAP_SUCCESS) { if (ret != 0 || search_result != LDAP_SUCCESS) {
LOG_FATAL("Internal search failed.\n");
ret = LDAP_OPERATIONS_ERROR; /* If the search for the trusted domains fails,
* AD Trust support on IPA server is not available */
LOG("Empty forest root map as trusts are not enabled on this IPA server.\n");
ret = 0;
*head = NULL;
goto done; goto done;
} }