I beleive I understand the use of the the "ldap_idmap_default_domain_sid" directive. Most simply the MURMUR algorithm will be disabled and the domain configuration designated as the "default" domain will be assigned to slice [0]. My observation is that the UID-GID for an object becomes (ldap_idmap_range_min + <object_RID>) in this configuration.
The man pages are less clear on why and how specifying which domain is the default in a multi-domain configuration matters. My assumption is that the sole purpose of the "[domain/default]" and "ldap_idmap_default_domain" options is to do just that. "[domain/default]" - Is the entended use for this domain stanza header? - Is is still a valid configuration choice? "ldap_idmap_default_domain" - Is the entended use for this configuration directive? - If it is specified in one domain stanza in a multi-domain configuration will the configuration be honored across other configured domains? Many thanks as always, -- lawrence
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
