On Fri, Sep 27, 2013 at 12:35:57PM +0200, Pavel Březina wrote: > On 09/22/2013 09:06 PM, Jakub Hrozek wrote: > >Hi, > > > >I was playing with different offline krb5 authentication ways today when > >testing Sumit's patches and I don't think the offline authentication of > >subdomain users was correct. Attached are two patches -- one is just a > >better error code, the other actually makes the SSSD search for the > >right user entry during krb5 offline auth. > > > >To test the first one, pause of shutdown a trusted AD while remaining > >connected to the root domain AD. > > Ack. > > You could also use state->sysdb directly and be consistent with rest > of the code in krb5_auth.c but... > > We should decide whether to use state->domain->sysdb or state->sysdb > and be always consistent in future development. I'd prefer the first > one, since sysdb is very much bounded to a domain (now with > subdomains more than ever) and it makes it clear.
I was actually wondering whether the consumers of sss_domain_info need access to the sysdb pointer at all. The sysdb pointer seems like something that should only be consumed by the sysdb interface. _______________________________________________ sssd-devel mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
