mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
When ipa trust-add is executed with --range-type ad-trust-posix, the server tries to find the max uidnumber and max gidnumber from AD domain controller. The values are extracted from the entry CN=<domain>,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,<AD suffix> in the msSFU30MaxUidNumber and msSFU30MaxGidNumber attributes. msSFU30MaxUidNumber is required but not msSFU30MaxGidNumber. In case msSFU30MaxGidNumber is missing, the code is currently assigning a "None" value and later on evaluates the max between this value and msSFU30MaxUidNumber. The max function cannot compare None and a list of string and triggers an exception. To avoid the exception, assign [b'0'] to max gid if msSFU30MaxGidNumber is missing. This way, the comparison succeeds and max returns the value from msSFU30MaxUidNumber. Fixes: https://pagure.io/freeipa/issue/9310 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> |
||
---|---|---|
.. | ||
advise | ||
custodia | ||
dnssec | ||
install | ||
plugins | ||
secrets | ||
__init__.py | ||
dcerpc_common.py | ||
dcerpc.py | ||
dns_data_management.py | ||
Makefile.am | ||
masters.py | ||
p11helper.py | ||
rpcserver.py | ||
servroles.py | ||
setup.cfg | ||
setup.py | ||
topology.py | ||
wsgi.py |