On 09/16/2013 03:34 PM, Jakub Hrozek wrote:
On Mon, Sep 16, 2013 at 10:15:58AM +0200, Pavel Březina wrote:
On 09/13/2013 02:57 PM, Jakub Hrozek wrote:
Hi,
I created a design page that describes a proposed way of improving the
current AD provider access control. The main ticket that tracks the work
is https://fedorahosted.org/sssd/ticket/2082 and the full design page
can be found here:
https://fedorahosted.org/sssd/wiki/DesignDocs/ActiveDirectoryAccessControl
Comments and review are mostly welcome.
Hi,
good job creating this design page. It is simple, straightforward
and I don't see anything to object to :-).
Ack.
What do you think about the extended filter? Do you think it's handy or
too much for v1 ?
I think it is quite mandatory even for first version (at least domain
component). You need to be able to configure different access filter
for main domain and trusted domains.
However, this made me thinking... it is a future call but we should
provide a way to allow configuration of subdomains. Something like
[domain/maindomain/subdomain] section in sssd.conf?
_______________________________________________
sssd-devel mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
