The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Macros | Functions
active_directory.c File Reference

LDAP sync callback functions for Active Directory servers. More...

#include "active_directory.h"
#include <freeradius-devel/util/debug.h>
+ Include dependency graph for active_directory.c:

Go to the source code of this file.

Macros

#define LOG_PREFIX   "ldap_sync_ad"
 

Functions

static int active_directory_sync_attr_add (char const *attr, void *uctx)
 
int active_directory_sync_search_entry (sync_state_t *sync, LDAPMessage *msg, UNUSED LDAPControl **ctrls)
 Handle a LDAP_RES_SEARCH_ENTRY (SearchResultEntry) response. More...
 
int active_directory_sync_state_init (fr_ldap_connection_t *conn, size_t sync_no, proto_ldap_sync_t const *inst, UNUSED uint8_t const *cookie)
 Allocate a sync state structure and issue the search. More...
 

Detailed Description

LDAP sync callback functions for Active Directory servers.

Id
56b1537922e129ff5266050e4a748e9f6d56f38c
Copyright
2022 Network RADIUS SAS (legal.nosp@m.@net.nosp@m.workr.nosp@m.adiu.nosp@m.s.com)

Definition in file active_directory.c.

Macro Definition Documentation

◆ LOG_PREFIX

#define LOG_PREFIX   "ldap_sync_ad"

Definition at line 26 of file active_directory.c.

Function Documentation

◆ active_directory_sync_attr_add()

static int active_directory_sync_attr_add ( char const *  attr,
void *  uctx 
)
static

Definition at line 31 of file active_directory.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ active_directory_sync_search_entry()

int active_directory_sync_search_entry ( sync_state_t sync,
LDAPMessage *  msg,
UNUSED LDAPControl **  ctrls 
)

Handle a LDAP_RES_SEARCH_ENTRY (SearchResultEntry) response.

This version is specific to Active Directory, which does things its own way.

In response to a search request containing the Server Notification Control, Active Directory will initially return nothing.

Then as entries matching the query are changed, SearchResultEntry messages will be returned for the matching entries. There is no indication as to whether the change is an addition or a modification.

In order to be notified about deleted objects, the Recycle Bin optional feature must be enabled and the search must have a base DN which includes the Deleted Objects container, then, an attribute isDeleted will indicate the state of the entry.

Parameters
[in]syncmessage was associated with.
[in]msgcontaining an entry to process.
[in]ctrlsunused LDAP controls
Returns
  • 0 on success.
  • -1 on failure.

Definition at line 171 of file active_directory.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ active_directory_sync_state_init()

int active_directory_sync_state_init ( fr_ldap_connection_t conn,
size_t  sync_no,
proto_ldap_sync_t const *  inst,
UNUSED uint8_t const *  cookie 
)

Allocate a sync state structure and issue the search.

Active Directory uses its own control to mark persistent searches. In addition we add the control to request the return of deleted objects which allows searches specifically on the Deleted Objects container.

Neither of these controls take values.

Parameters
[in]connConnection to issue the search request on.
[in]sync_nonumber of the sync in the array of configs.
[in]instinstance of ldap_sync this query relates to.
[in]cookieunused for Active Directory
Returns
  • 0 on success
  • -1 on failure

Definition at line 54 of file active_directory.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:
Generated by   doxygen 1.9.1