| commit | c9b3bbdc3c36580dcb18a99ac58ae143b1926d8e | |
| author | Steven Danneman <steven.danneman@isilon.com> | |
| Sat, 15 Nov 2008 21:07:15 +0000 (15 13:07 -0800) | ||
| committer | Steven Danneman <steven.danneman@isilon.com> | |
| Tue, 18 Nov 2008 21:57:12 +0000 (18 13:57 -0800) | ||
| tree | 31c803c258a095db0433be67cae374c0ff503b0d | treesnapshot (tar.gz zip) |
| parent | f778c89592b5884c2d572c31dac3ccc14ac10dfb | commitdiff |
Fix extended DN parse error when AD object does not have a SID.
Some AD objects, like Exchange Public Folders, can be members of Security
Groups but do not have a SID attribute. This patch adds more granular return
errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse
error occured because of bad input, or the DN was valid but contained no SID.
I updated all callers to ignore SIDless objects when appropriate.
Also did some cleanup to the out paths of lookup_usergroups_memberof()
Some AD objects, like Exchange Public Folders, can be members of Security
Groups but do not have a SID attribute. This patch adds more granular return
errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse
error occured because of bad input, or the DN was valid but contained no SID.
I updated all callers to ignore SIDless objects when appropriate.
Also did some cleanup to the out paths of lookup_usergroups_memberof()
| source/include/proto.h | diffblobblamehistory | |
| source/libads/ldap.c | diffblobblamehistory | |
| source/winbindd/winbindd_ads.c | diffblobblamehistory |