Learn more about these different git repos.
Other Git URLs
Like #672 and #673, but for Microsoft !ActiveDirectory. Relevant documentation here:
http://msdn.microsoft.com/en-us/library/ms680832%28VS.85%29.aspx
Essentially, read out userAccountControl and see if bit 1 (0x2) is set.
Maybe #672, #673 and #674 can be handled in a generic way by introducing an ldap_account_lock_policy similar to ldap_pwd_policy which values like 'shadow', 'nds' and 'ads'. Then we can try and read all related attributes together with the account data and store them in the cache. When pam_acct_mgmt is run we evaluate the attributes depending on the value of ldap_account_lock_policy.
ldap_access_filter becomes optional then, but we need to check if at least one of the two options is set. I think it might be useful to allow both options to be set and allow access only if both checks return true.
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.5.0 priority: major => minor
coverity: => owner: somebody => sbose status: new => assigned
milestone: SSSD 1.5.0 => SSSD 1.5.1
fixed by 22f4c1b
resolution: => fixed status: assigned => closed upgrade: => 0
rhbz: => 0
Metadata Update from @ossman: - Issue assigned to sbose - Issue set to the milestone: SSSD 1.5.1
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1716
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.