Learn more about these different git repos.
Other Git URLs
In some time in near future we will allow not installing all AD trust bits on every IPA server. This has an impact on SSSD. SSSD would have to detect whether the IPA server it talks to is capable of the extended operations. The logic should be adjusted in such a way that SSSD would not failover to working only with the servers that have AD related bits but rather would detect and use AD enabled servers only for the specific AD trust related operations. For other operations the SSSD should continue using the standard failover logic.
Just an idea, and depends on whether freeIPA will implement it or not. But this feature may be made to depend on detecting via SRV records which IPA server exposes a global catalog for Windows. That would be the indication that the ipa server supports the full AD trust suite including the extended operations.
_comment0: Just an idea, and depends on whether freeIPA will implement it or not. But this feature may depend on detecting via SRV records which IPA server exposes a global catalog for Windows. That would be the indication that the ipa server supports the full AD trust suite including the extended operations. => 1341512058642317
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.11 beta
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=839729
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=839729 839729]
description: In some time in near future we will allow not installing all AD trust bits on every IPA server. This has an impact on SSSD. SSSD would have to detect whether the IPA server it talks to is capable of the extended operations. The logic should be adjusted in such a way that SSSD would not failover to working only with the servers that haму AD related bits but rather would detect and use AD enabled servers only for the specific AD trust related operations. For other operations the SSSD should continue using the standard failover logic. => In some time in near future we will allow not installing all AD trust bits on every IPA server. This has an impact on SSSD. SSSD would have to detect whether the IPA server it talks to is capable of the extended operations. The logic should be adjusted in such a way that SSSD would not failover to working only with the servers that have AD related bits but rather would detect and use AD enabled servers only for the specific AD trust related operations. For other operations the SSSD should continue using the standard failover logic. proposed_priority: => Core
type: defect => enhancement
Moving all the features planned for 1.10 release into 1.10 beta.
milestone: SSSD 1.11 beta => SSSD 1.10 beta
priority: major => critical
design: => design_review: => 0 fedora_test_page: => selected: => May
priority: critical => major
review: => 1
milestone: SSSD 1.10 beta => SSSD 1.11 beta
changelog: => milestone: SSSD 1.13 beta => NEEDS_TRIAGE
We should also make sure it is documented.
milestone: NEEDS_TRIAGE => SSSD 1.12 beta
milestone: SSSD 1.12 beta => SSSD 1.13 beta
mark: => 0
Alexander confirmed this ticket is no longer relevant.
resolution: => wontfix status: new => closed
Metadata Update from @dpal: - Issue set to the milestone: SSSD 1.13.1
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2448
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.