On Mon, 05 Aug 2013, Nalin Dahyabhai wrote:
On Mon, Aug 05, 2013 at 03:45:06PM +0300, Alexander Bokovoy wrote:
OK, fair enough. I did use of libsss_nss_idmap optional. For tests I
think we need to involve nsswrapper here to make sure of a predictable
testing.
I've added:
--with-nsswitch
On 08/05/2013 02:45 PM, Alexander Bokovoy wrote:
On Sun, 04 Aug 2013, Nalin Dahyabhai wrote:
* The help text still refers to SSSD specifically, when the code doesn't
enforce or guarantee that SSSD's involved when performing nsswitch
lookups or PAM authentication.
The whole setup really
On Sun, 04 Aug 2013, Nalin Dahyabhai wrote:
* The help text still refers to SSSD specifically, when the code doesn't
enforce or guarantee that SSSD's involved when performing nsswitch
lookups or PAM authentication.
The whole setup really makes sense only when SSSD is in use. Aside from
that,
On Mon, Aug 05, 2013 at 03:45:06PM +0300, Alexander Bokovoy wrote:
OK, fair enough. I did use of libsss_nss_idmap optional. For tests I
think we need to involve nsswrapper here to make sure of a predictable
testing.
I've added:
--with-nsswitch use nsswitch API to look up users
Crikey, that was fast.
On Fri, Aug 02, 2013 at 04:44:33PM +0300, Alexander Bokovoy wrote:
On Thu, 01 Aug 2013, Nalin Dahyabhai wrote:
HEAD~10:
* Add internal whitespace when computing the value to pass to
slapi_ch_malloc().
* Break the declaration and initialization of str into two lines.
*
On Fri, 02 Aug 2013, Alexander Bokovoy wrote:
Hi Nalin!
Thanks for the review.
On Thu, 01 Aug 2013, Nalin Dahyabhai wrote:
On Wed, Jul 31, 2013 at 03:53:21PM +0300, Alexander Bokovoy wrote:
Authentication is handled for both IPA and trusted domain users. The
former case requires some
On Wed, Jul 31, 2013 at 03:53:21PM +0300, Alexander Bokovoy wrote:
Authentication is handled for both IPA and trusted domain users. The
former case requires some specific handling of the SLAPI_BIND_TARGET_SDN
to rewrite it to the original entry's DN. As result successful bind
looks like this
Hi Nalin!
Thanks for the review.
On Thu, 01 Aug 2013, Nalin Dahyabhai wrote:
On Wed, Jul 31, 2013 at 03:53:21PM +0300, Alexander Bokovoy wrote:
Authentication is handled for both IPA and trusted domain users. The
former case requires some specific handling of the SLAPI_BIND_TARGET_SDN
to
Hi Nalin,
On Tue, 23 Jul 2013, Nalin Dahyabhai wrote:
On Tue, Jul 23, 2013 at 10:15:47AM +0300, Alexander Bokovoy wrote:
On Tue, 23 Jul 2013, Nalin Dahyabhai wrote:
Apologies for the delay.
Thanks for the review!
One short comment -- PAM code is from PAM pass-through plugin from
389-ds.
Apologies for the delay.
On Mon, Jul 15, 2013 at 08:30:03PM +0300, Alexander Bokovoy wrote:
Here is the logic:
0. Configuration is performed by setting
schema-compat-lookup-sssd: user|group
schema-compat-sssd-min-id: value
in corresponding schema-compat plugin tree (cn=users and
On Tue, 23 Jul 2013, Nalin Dahyabhai wrote:
Apologies for the delay.
Thanks for the review!
One short comment -- PAM code is from PAM pass-through plugin from
389-ds. That's the reason why its code doesn't follow slapi-nis way and
why it has that license. I tried to keep it mostly intact to
On Tue, Jul 23, 2013 at 10:15:47AM +0300, Alexander Bokovoy wrote:
On Tue, 23 Jul 2013, Nalin Dahyabhai wrote:
Apologies for the delay.
Thanks for the review!
One short comment -- PAM code is from PAM pass-through plugin from
389-ds. That's the reason why its code doesn't follow slapi-nis
On Mon, Jul 15, 2013 at 08:30:03PM +0300, Alexander Bokovoy wrote:
Hi!
Attached please find two patches against slapi-nis 0.47 to serve trusted
domain users and groups to old clients. FreeIPA master needs to be
enabled with this, see my patch 0108 (on freeipa-devel@).
The patches add both
Hi!
On Tue, 16 Jul 2013, Jakub Hrozek wrote:
+AC_ARG_WITH(sss_nss_idmap,
+ AS_HELP_STRING([--with-sss-nss-idmap], [use libsss_nss_idmap]),
+ use_sss_nss_idmap=$withval,use_sss_nss_idmap=AUTO)
+if pkg-config sss_nss_idmap 2 /dev/null ; then
+ if test
On Tue, Jul 16, 2013 at 01:23:41PM +0300, Alexander Bokovoy wrote:
Hi!
On Tue, 16 Jul 2013, Jakub Hrozek wrote:
+AC_ARG_WITH(sss_nss_idmap,
+ AS_HELP_STRING([--with-sss-nss-idmap], [use libsss_nss_idmap]),
+ use_sss_nss_idmap=$withval,use_sss_nss_idmap=AUTO)
+if pkg-config
On Tue, Jul 16, 2013 at 03:33:49PM +0300, Alexander Bokovoy wrote:
On Tue, 16 Jul 2013, Jakub Hrozek wrote:
On Tue, Jul 16, 2013 at 01:23:41PM +0300, Alexander Bokovoy wrote:
Hi!
On Tue, 16 Jul 2013, Jakub Hrozek wrote:
+AC_ARG_WITH(sss_nss_idmap,
+
Hi!
Attached please find two patches against slapi-nis 0.47 to serve trusted
domain users and groups to old clients. FreeIPA master needs to be
enabled with this, see my patch 0108 (on freeipa-devel@).
The patches add both lookup and PAM-based authentication bind for the
users returned by SSSD
17 matches
Mail list logo