From 90062dbacf1a00c5d3dc2b530c54a24113a9c2f8 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@redhat.com>
Date: Thu, 25 Apr 2013 14:56:13 +0200
Subject: [PATCH] Add option to disable use of fully qualified names

https://bugs.freedesktop.org/show_bug.cgi?id=60637
---
 service/realm-options.c       | 13 +++++++++++++
 service/realm-options.h       |  2 ++
 service/realm-samba-winbind.c |  6 ++++--
 service/realm-samba-winbind.h |  2 +-
 service/realm-samba.c         |  3 +--
 service/realm-sssd-ad.c       |  2 +-
 service/realm-sssd-ipa.c      |  2 +-
 7 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/service/realm-options.c b/service/realm-options.c
index 4530671..8e78a05 100644
--- a/service/realm-options.c
+++ b/service/realm-options.c
@@ -94,3 +94,16 @@ realm_options_automatic_mapping (const gchar *realm_name)
 
 	return mapping;
 }
+
+gboolean
+realm_options_qualify_names (const gchar *realm_name)
+{
+	gchar *section;
+	gboolean qualify;
+
+	section = g_utf8_casefold (realm_name, -1);
+	qualify = realm_settings_boolean (realm_name, "fully-qualified-names", TRUE);
+	g_free (section);
+
+	return qualify;
+}
diff --git a/service/realm-options.h b/service/realm-options.h
index c2c234a..4c95927 100644
--- a/service/realm-options.h
+++ b/service/realm-options.h
@@ -34,6 +34,8 @@ const gchar *  realm_options_user_principal           (GVariant *options,
 
 gboolean       realm_options_automatic_mapping        (const gchar *realm_name);
 
+gboolean       realm_options_qualify_names            (const gchar *realm_name);
+
 G_END_DECLS
 
 #endif /* __REALM_OPTIONS_H__ */
diff --git a/service/realm-samba-winbind.c b/service/realm-samba-winbind.c
index c0083ed..f093c87 100644
--- a/service/realm-samba-winbind.c
+++ b/service/realm-samba-winbind.c
@@ -19,6 +19,7 @@
 #include "realm-daemon.h"
 #include "realm-diagnostics.h"
 #include "realm-errors.h"
+#include "realm-options.h"
 #include "realm-samba-config.h"
 #include "realm-samba-winbind.h"
 #include "realm-settings.h"
@@ -71,7 +72,7 @@ on_enable_do_nss (GObject *source,
 
 void
 realm_samba_winbind_configure_async (RealmIniConfig *config,
-                                     gboolean automatic_mapping,
+                                     const gchar *domain_name,
                                      GDBusMethodInvocation *invocation,
                                      GAsyncReadyCallback callback,
                                      gpointer user_data)
@@ -94,10 +95,11 @@ realm_samba_winbind_configure_async (RealmIniConfig *config,
 		                      "winbind enum groups", "no",
 		                      "winbind offline logon", "yes",
 		                      "winbind refresh tickets", "yes",
+		                      "winbind use default domain", realm_options_qualify_names (domain_name )? "no" : "yes",
 		                      "template shell", realm_settings_string ("users", "default-shell"),
 		                      NULL);
 
-		if (automatic_mapping) {
+		if (realm_options_automatic_mapping (domain_name)) {
 			realm_ini_config_set (config, REALM_SAMBA_CONFIG_GLOBAL,
 			                      "idmap uid", "10000-2000000",
 			                      "idmap gid", "10000-2000000",
diff --git a/service/realm-samba-winbind.h b/service/realm-samba-winbind.h
index f959911..260f81b 100644
--- a/service/realm-samba-winbind.h
+++ b/service/realm-samba-winbind.h
@@ -22,7 +22,7 @@
 G_BEGIN_DECLS
 
 void       realm_samba_winbind_configure_async      (RealmIniConfig *config,
-                                                     gboolean automatic_mapping,
+                                                     const gchar *domain_name,
                                                      GDBusMethodInvocation *invocation,
                                                      GAsyncReadyCallback callback,
                                                      gpointer user_data);
diff --git a/service/realm-samba.c b/service/realm-samba.c
index 6b897e8..512c23e 100644
--- a/service/realm-samba.c
+++ b/service/realm-samba.c
@@ -194,8 +194,7 @@ on_join_do_winbind (GObject *source,
 
 	if (error == NULL) {
 		name = realm_kerberos_get_name (REALM_KERBEROS (self));
-		realm_samba_winbind_configure_async (self->config,
-		                                     realm_options_automatic_mapping (name),
+		realm_samba_winbind_configure_async (self->config, name,
 		                                     enroll->invocation,
 		                                     on_winbind_done, g_object_ref (task));
 	} else {
diff --git a/service/realm-sssd-ad.c b/service/realm-sssd-ad.c
index 5699539..e2acee9 100644
--- a/service/realm-sssd-ad.c
+++ b/service/realm-sssd-ad.c
@@ -170,7 +170,7 @@ configure_sssd_for_domain (RealmIniConfig *config,
 	                                    "re_expression", "(?P<domain>[^\\\\]+)\\\\(?P<name>[^\\\\]+)",
 	                                    "full_name_format", "%2$s\\%1$s",
 	                                    "cache_credentials", "True",
-	                                    "use_fully_qualified_names", "True",
+		                            "use_fully_qualified_names", realm_options_qualify_names (disco->domain_name) ? "True" : "False",
 
 	                                    "id_provider", "ad",
 
diff --git a/service/realm-sssd-ipa.c b/service/realm-sssd-ipa.c
index b036401..6576261 100644
--- a/service/realm-sssd-ipa.c
+++ b/service/realm-sssd-ipa.c
@@ -198,7 +198,7 @@ on_ipa_client_do_restart (GObject *source,
 		                                 "re_expression", "(?P<name>[^@]+)@(?P<domain>.+$)",
 		                                 "full_name_format", "%1$s@%2$s",
 		                                 "cache_credentials", "True",
-		                                 "use_fully_qualified_names", "True",
+		                                 "use_fully_qualified_names", realm_options_qualify_names (domain) ? "True" : "False",
 		                                 "krb5_store_password_if_offline", "True",
 		                                 "fallback_homedir", home,
 		                                 NULL);
-- 
1.8.1.4