On Wed, 2014-04-16 at 16:15 +0300, Alexander Bokovoy wrote:
> On Wed, 16 Apr 2014, Simo Sorce wrote:
> >> + 'ipanttrusteddomainsid', 'ipanttrustforesttrustinfo',
> >> + 'ipanttrustposixoffset',
> >> 'ipantsupportedencryptiontypes',
> >> + 'ipantsidblacklistincoming',
> >> 'ipantsidblacklistoutgoing',
> >> + # ipaNTDomainAttrs:
> >> + 'ipantsecurityidentifier', 'ipantflatname',
> >> 'ipantdomainguid',
> >> + 'ipantfallbackprimarygroup',
> >> + },
> >> + },
> >> + }
> >>
> >> label = _('Trusts')
> >> label_singular = _('Trust')
> >
> >In general I am not sure all authenticated users need access to all this
> >info. Alexander ?
> SSSD needs to read some of this information for subdomains support.
> That would be at least host/*@REALM who needs to access it.
Can you please list exactly which ones are needed ?
Simo.
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
