Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1205604
Description of problem: Currently ldap_access_order can be set to either ppolicy or lockout, both of which are used for the same purpose. Version-Release number of selected component (if applicable): sssd-1.12.4-11.el6 How reproducible: Always Steps to Reproduce: 1. In the following domain section of sssd, ldap_access_order can be lockout of ppolicy [domain/LDAP] id_provider = ldap ldap_uri = ldaps://<ldapserver> ldap_search_base = dc=example,dc=com ldap_tls_cacert = /etc/openldap/certs/cert.pem access_provider = ldap ldap_access_order = ppolicy #ldap_access_order = lockout ldap_pwdlockout_dn = cn=pwdconfig,ou=ppolicy,dc=example,dc=com 2. 3. Actual results: Expected results: Only ppolicy works since it is stricter than lockout Additional info:
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => mark: no => 0 owner: somebody => preichl review: True => 0 selected: => testsupdated: => 0
patch: 0 => 1
We can't remove the option because it has been released and consumed by downstreams, sorry. We can mark it as deprecated.
resolution: => wontfix status: new => closed
Metadata Update from @preichl: - Issue assigned to preichl - Issue set to the milestone: NEEDS_TRIAGE
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3651
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.