IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix broken trust warnings

Browse Source 
Warning should be shown only for parent entries of trust domain. Subdomains do not contain ipaNTSecurityIdentifier attribute at all.

https://fedorahosted.org/freeipa/ticket/5737

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Martin Basti
2016-03-16 13:41:51 +01:00
parent 54a59475f3
commit de8c6d81fd
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ipalib/plugins/trust.py
View File

@@ -597,7 +597,9 @@ class trust(LDAPObject):
try:
entries, truncated = ldap.find_entries(
base_dn=DN(self.container_dn, self.api.env.basedn),
base_dn=DN(self.api.env.container_adtrusts,
self.api.env.basedn),
scope=ldap.SCOPE_ONELEVEL,
attrs_list=['cn'],
filter='(&(ipaNTTrustPartner=*)'
'(!(ipaNTSecurityIdentifier=*)))',