From 80959e30ce7c57b5865f5358c42a7bcffe450d4d Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Mon, 20 May 2024 17:22:36 +0200
Subject: Merging upstream version 2.9.5.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 src/providers/ldap/sdap.h | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'src/providers/ldap/sdap.h')

diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index 161bc5c..103d50e 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -454,6 +454,17 @@ struct sdap_domain {
 
     char *basedn;
 
+    /* The naming_context could be a more reliable source than basedn for the
+     * actual base DN because basedn is set very early from the domain name
+     * given in sssd.conf. Although it is recommended to use the fully
+     * qualified DNS domain name here it is not required. As a result basedn
+     * might not reflect the actual based DN of the LDAP server. Also pure
+     * LDAP server (i.e. not AD or FreeIPA) might use different schemes to set
+     * the base DN which will not be based on the DNS domain of the LDAP
+     * server. naming_context might be NULL even after connection to an LDAP
+     * server. */
+    char *naming_context;
+
     struct sdap_search_base **search_bases;
     struct sdap_search_base **user_search_bases;
     struct sdap_search_base **group_search_bases;
-- 
cgit v1.2.3