IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

trusts: combine filters with AND to make sure only the intended domain matches

Browse Source
This commit is contained in:
Jakub Hrozek
2013-10-23 19:39:17 +02:00
committed by Alexander Bokovoy
parent ced2170b9d
commit c088c940e6
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ipalib/plugins/trust.py
View File

@@ -255,7 +255,8 @@ class trust(LDAPObject):
trust_type = kwargs.get('trust_type')
if trust_type is None:
ldap = self.backend
filter = ldap.make_filter({'objectclass': ['ipaNTTrustedDomain'], 'cn': [keys[-1]]})
filter = ldap.make_filter({'objectclass': ['ipaNTTrustedDomain'], 'cn': [keys[-1]] },
rules=ldap.MATCH_ALL)
filter = ldap.combine_filters((filter, "ipaNTSIDBlacklistIncoming=*"), rules=ldap.MATCH_ALL)
try:
result = ldap.get_entries(DN(self.container_dn, self.env.basedn),