Learn more about these different git repos.
Other Git URLs
If the ipa_server_mode is selected IPA subdomain user and group lookups should not be done with the help of the extdom plugin but directly against AD with the help of LDAP of GC lookups. For this the IPA provider must be able to call the related functions from the AD provider. Since by default the POSIX attributes are not replicated to the global catalog and supporting them is a requirement, I think it would be sufficient make sure LDAP lookups are working as expected. Additionally FreeIPA currently supports only one trusted domain global catalog lookups for users and groups from the forest or different forests can be added later.
Since the Kerberos hosts keys from the host keytab should be used as credentials to access AD no changes are expected here.
Fields changed
owner: somebody => jhrozek status: new => assigned
A sub ticket of the 1.11 feature.
rhbz: => 0
patch: 0 => 1
resolution: => fixed status: assigned => closed
_comment0: * master: caee982 => 1377704762344504
Metadata Update from @sbose: - Issue assigned to jhrozek - Issue set to the milestone: SSSD 1.11 beta
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3004
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.