URL:
https://github.com/SSSD/sssd/pull/5743
Title: #5743: ad: fallback to ldap if cldap is not available in libldap
justin-stephenson commented:
"""
Hi, I compiled openldap-2.5.6 without CLDAP support on fedora rawhide.
* Before the PR:
~~~
(2021-08-17 14:25:02): [be[ad.vm]] [ad_cldap_ping_send] (0x0400): Sending CLDAP ping
(2021-08-17 14:25:02): [be[ad.vm]] [ad_cldap_ping_domain_discovery_done] (0x0400): Found 1
domain controllers in domain ad.vm
(2021-08-17 14:25:02): [be[ad.vm]] [sdap_connect_host_resolv_done] (0x0400): Connecting to
cldap://root-dc.ad.vm:389
(2021-08-17 14:25:02): [be[ad.vm]] [sss_ldap_init_sys_connect_done] (0x0020): ldap_init_fd
failed: Bad parameter to an ldap routine. [22][cldap://root-dc.ad.vm:389]
(2021-08-17 14:25:02): [be[ad.vm]] [ad_cldap_ping_done] (0x0040): Unable to get site and
forest information [2]: No such file or directory
~~~
* After the PR:
~~~
[root(a)master.client.vm ~]# egrep -irn 'sdap_connect_host_send|cldap'
/var/log/sssd/sssd_ad.vm.log
457:(2021-08-17 15:02:17): [be[ad.vm]] [ad_cldap_ping_send] (0x0400): Sending CLDAP ping
477:(2021-08-17 15:02:17): [be[ad.vm]] [ad_cldap_ping_domain_discovery_done] (0x0400):
Found 1 domain controllers in domain ad.vm
478:(2021-08-17 15:02:17): [be[ad.vm]] [sdap_connect_host_send] (0x0400): Resolving host
root-dc.ad.vm
506:(2021-08-17 15:02:17): [be[ad.vm]] [ad_cldap_ping_dc_done] (0x0400):
root-dc.ad.vm:389: found site (Default-First-Site-Name) and forest (ad.vm)
507:(2021-08-17 15:02:17): [be[ad.vm]] [ad_cldap_ping_done] (0x0400): Found site:
Default-First-Site-Name
508:(2021-08-17 15:02:17): [be[ad.vm]] [ad_cldap_ping_done] (0x0400): Found forest:
ad.vm
1330:(2021-08-17 15:02:31): [be[ad.vm]] [ad_cldap_ping_send] (0x0400): [RID#6] CLDAP ping
is not necessary, using site 'Default-First-Site-Name' and forest
'ad.vm'
~~~
The only issue I see is that the 'CLDAP' ping log messages are misleading (ldap
ping instead). The function names also, but changing those is not worth it IMO (too
invasive for this).
I'm not sure if it should block the PR but It would also be helpful if one of the
users reporting this issue could test out the patch.
"""
See the full comment at
https://github.com/SSSD/sssd/pull/5743#issuecomment-900381991