mirror of
https://github.com/samba-team/samba.git
synced 2025-02-03 13:47:25 +03:00
s3: add LDAP Alias Dereferencing support
Thanks to Dan Cox for initial patch for 3.0. This closes #2350.
This commit is contained in:
Björn Jacke
parent
835e7d6c98
commit
66836445a2
@ -877,6 +877,7 @@ static int smbldap_open_connection (struct smbldap_state *ldap_state)
|
||||
{
|
||||
int rc = LDAP_SUCCESS;
|
||||
int version;
|
||||
int deref;
|
||||
LDAP **ldap_struct = &ldap_state->ldap_struct;
|
||||
|
||||
rc = smb_ldap_setup_conn(ldap_struct, ldap_state->uri);
|
||||
@ -902,6 +903,16 @@ static int smbldap_open_connection (struct smbldap_state *ldap_state)
|
||||
return rc;
|
||||
}
|
||||
|
||||
/* Set alias dereferencing method */
|
||||
deref = lp_ldap_deref();
|
||||
if (deref != -1) {
|
||||
if (ldap_set_option (*ldap_struct, LDAP_OPT_DEREF, &deref) != LDAP_OPT_SUCCESS) {
|
||||
DEBUG(1,("smbldap_open_connection: Failed to set dereferencing method: %d\n", deref));
|
||||
} else {
|
||||
DEBUG(5,("Set dereferencing method: %d\n", deref));
|
||||
}
|
||||
}
|
||||
|
||||
DEBUG(2, ("smbldap_open_connection: connection opened\n"));
|
||||
return rc;
|
||||
}
|
||||
|
||||
@ -259,6 +259,7 @@ struct global {
|
||||
char *szLdapGroupSuffix;
|
||||
int ldap_ssl;
|
||||
bool ldap_ssl_ads;
|
||||
int ldap_deref;
|
||||
int ldap_follow_referral;
|
||||
char *szLdapSuffix;
|
||||
char *szLdapAdminDn;
|
||||
@ -746,6 +747,14 @@ static const struct enum_list enum_ldap_ssl[] = {
|
||||
{-1, NULL}
|
||||
};
|
||||
|
||||
static const struct enum_list enum_ldap_deref[] = {
|
||||
{LDAP_DEREFERENCE_NEVER, "never"},
|
||||
{LDAP_DEREFERENCE_SEARCHING, "searching"},
|
||||
{LDAP_DEREFERENCE_FINDING, "finding"},
|
||||
{LDAP_DEREFERENCE_ALWAYS, "always"},
|
||||
{-1, NULL}
|
||||
};
|
||||
|
||||
static const struct enum_list enum_ldap_passwd_sync[] = {
|
||||
{LDAP_PASSWD_SYNC_OFF, "no"},
|
||||
{LDAP_PASSWD_SYNC_OFF, "off"},
|
||||
@ -3670,6 +3679,15 @@ static struct parm_struct parm_table[] = {
|
||||
.enum_list = NULL,
|
||||
.flags = FLAG_ADVANCED,
|
||||
},
|
||||
{
|
||||
.label = "ldap deref",
|
||||
.type = P_ENUM,
|
||||
.p_class = P_GLOBAL,
|
||||
.ptr = &Globals.ldap_deref,
|
||||
.special = NULL,
|
||||
.enum_list = enum_ldap_deref,
|
||||
.flags = FLAG_ADVANCED,
|
||||
},
|
||||
{
|
||||
.label = "ldap follow referral",
|
||||
.type = P_ENUM,
|
||||
@ -5064,6 +5082,7 @@ static void init_globals(bool first_time_only)
|
||||
string_set(&Globals.szLdapAdminDn, "");
|
||||
Globals.ldap_ssl = LDAP_SSL_START_TLS;
|
||||
Globals.ldap_ssl_ads = False;
|
||||
Globals.ldap_deref = LDAP_DEREFERENCE_NEVER;
|
||||
Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
|
||||
Globals.ldap_delete_dn = False;
|
||||
Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
|
||||
@ -5418,6 +5437,7 @@ FN_GLOBAL_STRING(lp_ldap_suffix, &Globals.szLdapSuffix)
|
||||
FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn)
|
||||
FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
|
||||
FN_GLOBAL_BOOL(lp_ldap_ssl_ads, &Globals.ldap_ssl_ads)
|
||||
FN_GLOBAL_INTEGER(lp_ldap_deref, &Globals.ldap_deref)
|
||||
FN_GLOBAL_INTEGER(lp_ldap_follow_referral, &Globals.ldap_follow_referral)
|
||||
FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync)
|
||||
FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user