#3183 [RFC] IPA: allow switching off user private groups for trusted AD users
Closed: cloned-to-github 3 years ago by pbrezina. Opened 7 years ago by sbose.

IF algorithmic mapping is used trusted users from AD are assigned to a user private group (UPG). It should be possible to configure the id-range in a way to switch of UPGs and use the AD LDAP/PAC attribute primaryGroupID to determine the primary GID.

Related IPA ticket: https://fedorahosted.org/freeipa/ticket/6293


Fields changed

cc: => orion@cora.nwra.com

Unfortunately this patch depends on FreeIPA ticket #6293 which needs to be implemented first and is currently under "Future releases", so I'm moving this ticket to "Deferred" for the time being.

We can move this ticket back when FreeIPA implements https://fedorahosted.org/freeipa/ticket/6293

milestone: NEEDS_TRIAGE => SSSD Deferred

Fields changed

rhbz: => todo

Not totally deferred, this ticket makes sense, it's "just" blocked by ​https://fedorahosted.org/freeipa/ticket/6293

milestone: SSSD Deferred => SSSD 1.16 beta

Metadata Update from @sbose:
- Issue set to the milestone: SSSD Future releases (no date set yet)

7 years ago

Metadata Update from @pbrezina:
- Custom field design_review reset (from 0)
- Custom field mark reset (from 0)
- Custom field patch reset (from 0)
- Custom field review reset (from 0)
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1649464 (was: todo)
- Custom field sensitive reset (from 0)
- Custom field testsupdated reset (from 0)
- Issue close_status updated to: None

4 years ago

Metadata Update from @thalman:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field rhbz adjusted to todo (was: https://bugzilla.redhat.com/show_bug.cgi?id=1649464)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue close_status updated to: None
- Issue tagged with: bugzilla

4 years ago

Metadata Update from @pbrezina:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1649464 (was: todo)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue untagged with: bugzilla

4 years ago

Metadata Update from @pbrezina:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue tagged with: bugzilla

4 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4216

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @pbrezina:
- Issue close_status updated to: cloned-to-github
- Issue status updated to: Closed (was: Open)

3 years ago

Login to comment on this ticket.

Metadata