El mar, 07-10-2014 a las 20:01 -0400, Dmitri Pal escribió:

> The users and related information are not fetched until you
> authenticate as this user.
> The ability to fetch users and groups that are not yet authenticated
> is tracked by the ticket https://fedorahosted.org/sssd/ticket/2159 and
> will be addressed in the next version of SSSD.
> How frequently do you really need to lookup unauthenticated AD users
> and AD groups on linux systems? What is the use case?
> The ticket above is for the cases when there is an application that
> needs to fetch the user so that admin of the application can assign
> privileges to this user. But this is a pretty corner case.

It is a pretty common request when you configure a proxy server with
authentication. You get the user's ticket but the user is not logged in
on the system, so normal group membership via sssd won't work.

Best regards

Loris Santamaria   linux user #70506   xmpp:lo...@lgs.com.ve
Links Global Services, C.A.            http://www.lgs.com.ve
Tel: 0286 952.06.87  Cel: 0414 095.00.10  sip:1...@lgs.com.ve
"If I'd asked my customers what they wanted, they'd have said
a faster horse" - Henry Ford

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to