El mar, 07-10-2014 a las 20:01 -0400, Dmitri Pal escribió:

> 
> The users and related information are not fetched until you
> authenticate as this user.
> The ability to fetch users and groups that are not yet authenticated
> is tracked by the ticket https://fedorahosted.org/sssd/ticket/2159 and
> will be addressed in the next version of SSSD.
> How frequently do you really need to lookup unauthenticated AD users
> and AD groups on linux systems? What is the use case?
> 
> The ticket above is for the cases when there is an application that
> needs to fetch the user so that admin of the application can assign
> privileges to this user. But this is a pretty corner case.

It is a pretty common request when you configure a proxy server with
authentication. You get the user's ticket but the user is not logged in
on the system, so normal group membership via sssd won't work.

Best regards

-- 
Loris Santamaria   linux user #70506   xmpp:lo...@lgs.com.ve
Links Global Services, C.A.            http://www.lgs.com.ve
Tel: 0286 952.06.87  Cel: 0414 095.00.10  sip:1...@lgs.com.ve
------------------------------------------------------------
"If I'd asked my customers what they wanted, they'd have said
a faster horse" - Henry Ford

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to