mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
07975b52c3
When ipa trust-add is executed with --range-type ad-trust-posix, the server tries to find the max uidnumber and max gidnumber from AD domain controller. The values are extracted from the entry CN=<domain>,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,<AD suffix> in the msSFU30MaxUidNumber and msSFU30MaxGidNumber attributes. msSFU30MaxUidNumber is required but not msSFU30MaxGidNumber. In case msSFU30MaxGidNumber is missing, the code is currently assigning a "None" value and later on evaluates the max between this value and msSFU30MaxUidNumber. The max function cannot compare None and a list of string and triggers an exception. To avoid the exception, assign [b'0'] to max gid if msSFU30MaxGidNumber is missing. This way, the comparison succeeds and max returns the value from msSFU30MaxUidNumber. Fixes: https://pagure.io/freeipa/issue/9310 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> |
||
|---|---|---|
| .. | ||
| advise | ||
| custodia | ||
| dnssec | ||
| install | ||
| plugins | ||
| secrets | ||
| __init__.py | ||
| dcerpc_common.py | ||
| dcerpc.py | ||
| dns_data_management.py | ||
| Makefile.am | ||
| masters.py | ||
| p11helper.py | ||
| rpcserver.py | ||
| servroles.py | ||
| setup.cfg | ||
| setup.py | ||
| topology.py | ||
| wsgi.py | ||