URL: https://github.com/freeipa/freeipa/pull/479
Title: #479: Merge AD trust installer into composite ones

martbab commented:
"""
@abbra I think that I am confused by the way sidgen plugin works. During LDAP 
configuration I can see that sidgen/extdom plugins are activated. e.g:

```
...
  [43/47]: enabling compatibility plugin
  [44/47]: activating sidgen plugin
  [45/47]: activating extdom plugin
...
```
Yet unless I install AD trust related bits, there are no SIDs generated on 
entries I am added (user or groups). When the AD trust installer is run, I see 
that the sidgen task is activated:

```
...
 [13/21]: activating sidgen task
 [14/21]: configuring smbd to start on boot
...
```

The admin user now has SID added by installer, yet the existing POSIX groups 
(editors) have no SIDs associated with them, only the new user I add afterwards.

Do we have a documentation about the semantics of different sidgen-related 
operations somewhere? If not, can you please explain the behavior I am seeing 
here?


"""

See the full comment at 
https://github.com/freeipa/freeipa/pull/479#issuecomment-282766662
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to