-
Notifications
You must be signed in to change notification settings - Fork 235
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ad: fallback to ldap if cldap is not available in libldap #5743
Conversation
Some distributions do not have cldap support available in libldap. Now we fallback to ad ping over ldap conditionally during build time. Resolves: SSSD#5720 :fixes: AD ping is now sent over `ldap` if `cldap` support is not available during build. This helps to build SSSD on distributions without `cldap` support in `libldap`.
Hi, I compiled openldap-2.5.6 without CLDAP support on fedora rawhide.
The only issue I see is that the 'CLDAP' ping log messages are misleading (ldap ping instead). The function names also, but changing those is not worth it IMO (too invasive for this). I'm not sure if it should block the PR but It would also be helpful if one of the users reporting this issue could test out the patch. |
Applying this patch to the debian bullseye package src fixes the problem with sssd/ad-group lookups. |
Thanks. @justin-stephenson We can't change name of the functions, perhaps we could change CLDAP -> LDAP in debug messages but I don't think its worth it as well. Are you going to ack this, |
Ack from my side. |
Some distributions do not have cldap support available in libldap. Now
we fallback to ad ping over ldap conditionally during build time.
Resolves: #5720