-
Notifications
You must be signed in to change notification settings - Fork 235
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[RFC] IPA: allow switching off user private groups for trusted AD users #4216
Labels
Comments
pbrezina
added a commit
to pbrezina/sssd
that referenced
this issue
Apr 29, 2021
:feature: `auto_private_groups` option can be set centrally through ID range setting in IPA (see `ipa idrange` commands family) Resolves: SSSD#4216
pbrezina
added a commit
to pbrezina/sssd
that referenced
this issue
Apr 29, 2021
Resolves: SSSD#4216 :feature: `auto_private_groups` option can be set centrally through ID range setting in IPA (see `ipa idrange` commands family)
pbrezina
added a commit
to pbrezina/sssd
that referenced
this issue
May 13, 2021
Resolves: SSSD#4216 :feature: `auto_private_groups` option can be set centrally through ID range setting in IPA (see `ipa idrange` commands family)
pbrezina
added a commit
to pbrezina/sssd
that referenced
this issue
May 17, 2021
Resolves: SSSD#4216 :feature: `auto_private_groups` option can be set centrally through ID range setting in IPA (see `ipa idrange` commands family)
pbrezina
added a commit
to pbrezina/sssd
that referenced
this issue
May 17, 2021
Resolves: SSSD#4216 :feature: `auto_private_groups` option can be set centrally through ID range setting in IPA (see `ipa idrange` commands family). This feature requires SSSD update on both client and server.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/3183
IF algorithmic mapping is used trusted users from AD are assigned to a user private group (UPG). It should be possible to configure the id-range in a way to switch of UPGs and use the AD LDAP/PAC attribute primaryGroupID to determine the primary GID.
Related IPA ticket: https://fedorahosted.org/freeipa/ticket/6293
Comments
Comment from orion at 2016-09-12 17:43:23
Fields changed
cc: => orion@cora.nwra.com
Comment from jhrozek at 2016-09-23 10:07:30
Unfortunately this patch depends on FreeIPA ticket #6293 which needs to be implemented first and is currently under "Future releases", so I'm moving this ticket to "Deferred" for the time being.
We can move this ticket back when FreeIPA implements https://fedorahosted.org/freeipa/ticket/6293
milestone: NEEDS_TRIAGE => SSSD Deferred
Comment from jhrozek at 2016-09-23 10:11:35
Fields changed
rhbz: => todo
Comment from jhrozek at 2016-10-05 13:50:16
Not totally deferred, this ticket makes sense, it's "just" blocked by https://fedorahosted.org/freeipa/ticket/6293
milestone: SSSD Deferred => SSSD 1.16 beta
Comment from sbose at 2017-02-24 14:55:21
Metadata Update from @sbose:
Comment from pbrezina at 2020-03-13 11:31:07
Metadata Update from @pbrezina:
Comment from thalman at 2020-03-13 11:31:07
Metadata Update from @thalman:
Comment from pbrezina at 2020-03-13 11:31:29
Metadata Update from @pbrezina:
Comment from pbrezina at 2020-03-13 11:31:47
Metadata Update from @pbrezina:
The text was updated successfully, but these errors were encountered: