On 12/02/2011 04:06 PM, Stephen Gallagher wrote:
1) SSSD caching instead of nscd
Winbind has its own cache. We do not want to implement the yet another one
causing confusion, do we?
2) Support for multiple AD domains without trust
If needed, winbind itself should provide this functionality.
3) One-to-one mapping of identity domain to authentication domain (so
you're not exposing your password to multiple authentication domains
until you find the right one, as with traditional PAM).
Yes, That's true, but honestly, who is using it, is it worth the effort?
I am not saying no, of course, everything has its own special use. What I think that we need is the *simplicity*. We need to have a clear
and simple rules where to go if windows/ipa/... backend is needed. Most system admins see sssd as a cleverer libnss_ldap.so provider - and
that is how it should stay, I believe....
The information contained in this e-mail and in any attachments is confidential
and is designated solely for the attention of the intended recipient(s). If you
are not an intended recipient, you must not use, disclose, copy, distribute or
retain this e-mail or any part thereof. If you have received this e-mail in
error, please notify the sender by return e-mail and delete all copies of this
e-mail from your computer system(s).
Please direct any additional queries to: communicati...@s3group.com.
Silicon and Software Systems Limited (S3 Group). Registered in Ireland no.
Registered Office: South County Business Park, Leopardstown, Dublin 18
Freeipa-users mailing list