Mercurial > illumos > git > illumos-omnios
changeset 21405:afafd6629b96
10995 idmap fails to lookup group SID in AD
Reviewed by: Gordon Ross <gwr@nexenta.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
author | Matt Barden <matt.barden@nexenta.com> |
---|---|
date | Wed, 18 Jul 2018 19:14:58 -0400 |
parents | fbbf913eecac |
children | c2d4708b2856 |
files | usr/src/cmd/idmap/idmapd/adutils.c |
diffstat | 1 files changed, 4 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/cmd/idmap/idmapd/adutils.c Mon Feb 12 16:36:31 2018 -0500 +++ b/usr/src/cmd/idmap/idmapd/adutils.c Wed Jul 18 19:14:58 2018 -0400 @@ -21,6 +21,8 @@ /* * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. + * + * Copyright 2018 Nexenta Systems, Inc. All rights reserved. */ /* @@ -59,7 +61,7 @@ #define UIDNUMBERFILTER "(&(objectclass=user)(uidNumber=%u))" #define GIDNUMBERFILTER "(&(objectclass=group)(gidNumber=%u))" #define SANFILTER "(sAMAccountName=%s)" -#define OBJSIDFILTER "(objectSid=%s)" +#define OBJSIDFILTER "(|(objectSid=%s)(sIDHistory=%s))" void idmap_ldap_res_search_cb(LDAP *ld, LDAPMessage **res, int rc, int qid, void *argp); @@ -792,7 +794,7 @@ return (IDMAP_ERR_SID); /* Assemble filter */ - (void) asprintf(&filter, OBJSIDFILTER, cbinsid); + (void) asprintf(&filter, OBJSIDFILTER, cbinsid, cbinsid); if (filter == NULL) return (IDMAP_ERR_MEMORY);