On Wed, Sep 25, 2019 at 06:25:06PM -0500, Spike White wrote: > Yes, true statement. > > We also do not own AD -- only the Linux builds. The AD admins insist on > camel-case for group names and user names. > > Yes, AD and Windows are case-insensitive. But Linux and Kerberos are not. > > I know these logins by default are translated into lower-case names (which > is what we desire anyway). I forget which sssd setting does this > auto-lower-casing.
case_sensitive = true|false|preserving false is the default for AD in the sense that everything is lowercased and names match in case-insensitive manner. true is the default for generic LDAP, names are returned in the original case and must be matched in the original case preserving is a little in between in the sense that the original case is returned but you can match on any case. > > BTW, that would be a cool RFE for pam_sss.so to return cache entries if > sssd service down or wedged. I imagine it'd be a flag on the auth > pam_sss.so line that you're add to enable this. Do you think it is needed over the case_sensitive option? _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
