On 03/23/2012 08:52 AM, Sumit Bose wrote: > Hi, > > these two patches introduce a new extended operation to the IPA server > which can be used by clients in the IPA domain to obtain information > about users and groups from trusted domains. Currently this exop is used > by the sssd sub-domain patch to map user names from a trusted AD domain > to a SID and back. There is also some code for other kind of requests > which might become useful in future, e.g. with trusted IPA domain.
Are the mappings cached on the SSSD side? > I added some unit test and added check for the check unit test framework > for C (http://check.sourceforge.net/) which is used by sssd as well. I > modified the spec file that the test is run during the build of the > packages. I hope this is ok. > > The patches depend on the idmap library patch which was ACKed recently > on sssd-devel and as mentioned before the sub-domain patches on > sssd-devel can only be fully tested with an IPA server which has these > patches applied. > > Since Alexander is currently rewriting parts of the ipa-adtrust-install > utility I stand back from adding activation code for the exop to > ipa-adtrust-install and will send a patch when Alexander's changes are > available. So currently extdom-extop-conf.ldif has to be loaded manually > after replacing $SUFFIX to activate the new exop. > > bye, > Sumit > > > _______________________________________________ > Freeipa-devel mailing list > Freeipa-devel@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-devel -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel