On Wed, Oct 16, 2013 at 06:31:32PM +0300, Alexander Bokovoy wrote:
> Hi!
>
> Attached is the first update to AD trusts documentation for FreeIPA user
> guide. I've fixed a number of outdated statements and added some more
> material.
>
> More patches will follow to cover functionality up to FreeIPA 3.3.2.

The new content looks good, I only found a few minor issues, see below. bye, Sumit > > -- > / Alexander Bokovoy ... > + them to POSIX group and user identifiers. The user is > granted > + access to the &IPA;-hosted services. according to their > access ^ ? I think the dot should be removed. > + rules. Additionally, the &IPA; group information in the SSSD > + user cache is updated to include the mapped &IPA; groups for > + the &AD; user. ... > + > + <para> > + Since in POSIX environment every running process should be > + running under some user and have some group membership to > + access files, it is important that every &IPA; user has I think you mean "every user of &IPA; services", because "every &IPA; user" has a POSIX ID by default. > + corresponding POSIX identifier and user belongs to some > groups > + which have POSIX identifiers. Each &AD; user, therefore, > should > + have membership in some POSIX group to be able to access > files > + and run processes in &IPA; domain. > + </para> > + > + > <para> > - When &AD; groups are added to &IPAA; group, > they can be idenfitied by > + When &AD; objects are added to &IPAA; group, > they can be idenfitied by "identified" (error was there before) > their SID or by name, in the formats > <emphasis>DOMAIN\group_name</emphasis> or > - <emphasis>group_name@domain</emphasis>. &IPA; > then resolves the group name to > + <emphasis>group_name@domain</emphasis>. &IPA; > then resolves the object name to > the SID and stores the SID as the group member > entry, to be compared to any > offered user PAC. > - </para> > + </para> > +
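
Review bot: In the first added passage, the full stop after "access to the &IPA;-hosted services" ends the sentence early and leaves "according to their access rules." as a fragment. Dropping it gives "The user is granted access to the &IPA;-hosted services according to their access rules", which keeps the grant tied to the access rules instead of reading as unconditional.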
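
Review bot: The new paragraph beginning "Since in POSIX environment" says every running process "should be running under some user and have some group membership"; on a POSIX system every process does run with a user and group identity, so stating it as a fact ("runs under a user and has group membership") would be more accurate than "should". The same paragraph is missing articles ("in a POSIX environment", "has a corresponding POSIX identifier", "in the &IPA; domain"), and "and user belongs to some groups" reads better as "and belongs to groups which have POSIX identifiers" once the subject of the clause is settled.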
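
Review bot: In the last hunk the wording changes from "groups" to "objects" and from "group name" to "object name", but the two format examples in the same sentence still read DOMAIN\group_name and group_name@domain, so the paragraph now talks about objects while showing only group syntax. Either rename the placeholders or state which object types may be added to the group, since the stored SID is what gets compared to the offered user PAC. The "+" line carrying "idenfitied" is already being rewritten, so the typo can be fixed in the same change, and the closing para tag that is removed and re-added with identical visible text looks like a whitespace-only change that could be left out of the patch.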