On Tue, 2012-10-02 at 21:29 +0200, Sumit Bose wrote: > Hi, > > this patch should fix https://fedorahosted.org/freeipa/ticket/2955 by > adding a fallback group as described in comment 2 of the ticket in > ipa-adtrust-install. > > If you prefer to use a different kind of group I can change the patch > accordingly.
Yes I think we should use a more natural group name. In my recent testing I have been using the name 'Trust Users' that pairs well with another group we create called 'Trust Admins'. But I am open to suggestions on a better name, 'Domain Users' may be better if we really want to associate the wellknown SID to this group. On the SID side I wonder if using the wellknown 'Domain Users' SID is the right thing to do. I do not see any special reasons why it shouldn't but I also do not have any special reason why we should. Anyone can think of any pros/cons of doing that ? Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-devel