Alexander Bokovoy 75882516c4 ipasam: allow search of users by user principal name (UPN) ... lookup_name() in Samba may call PASSDB API to search by a UPN (e.g. username@suffix). Support this call by detecting '@' in the passed name and setting up filter to be (&(objectClass=ipaNTUserAttrs)(objectClass=krbPrincipalAux)(krbPrincipalName:caseIgnoreIA5Match:=%s)) instead of (&(objectClass=ipaNTUserAttrs)(uid=%s)) The result of the search would still contain a proper user entry as we always have krbPrincipalName in LDAP entries of IPA users. Note that the match must be case-insensitive because otherwise krbPrincipalName is matched with exact case in the schema. We use the same matching override in KDB driver already. Fixes: https://pagure.io/freeipa/issue/8661 Signed-of-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>		2021-01-22 12:21:33 -05:00
..
dnssec	systemd: enforce en_US.UTF-8 locale in systemd units	2020-12-10 14:38:05 +02:00
ipa-kdb	ipa-kdb: provide correct logon time in MS-PAC from authentication time	2021-01-22 12:21:33 -05:00
ipa-otpd	systemd: enforce en_US.UTF-8 locale in systemd units	2020-12-10 14:38:05 +02:00
ipa-sam	ipasam: allow search of users by user principal name (UPN)	2021-01-22 12:21:33 -05:00
ipa-slapi-plugins	On password reset also set krbLastAdminUnlock to unlock account	2020-11-11 10:29:25 +02:00
ipa-version.h.in	Build: move version handling from Makefile to configure	2016-11-09 13:08:32 +01:00
Makefile.am	build: Unify compiler warning flags used	2021-01-15 14:11:56 +01:00