[Freeipa-devel] [PATCH] 117 extdom: replace winbind calls with POSIX/SSSD calls
Alexander Bokovoy
abokovoy at redhat.com
Mon Jul 8 13:15:39 UTC 2013
On Mon, 08 Jul 2013, Alexander Bokovoy wrote:
>On Wed, 03 Jul 2013, Sumit Bose wrote:
>>Hi,
>>
>>with this patch the extdom plugin, the LDAP extended operation that
>>allows IPA clients with recent SSSD to lookup AD users and groups, will
>>not use winbind for the lookup anymore but will use SSSD running in
>>ipa_server_mode.
>>
>>Since now no plugin uses the winbind client libraries anymore, the
>>second patch removes the related configures checks.
>>
>>I think for the time being we cannot remove winbind completely because
>>it might be needed for msbd to work properly in a trusted environment.
>s/msbd/smbd/
>
>ACK. I need to add 'ipa_server_mode = True' support to
>the installer code and then these patches can go in.
Actually, the code still doesn't work due to some bug in sssd which
fails to respond properly to getsidbyname() request in libsss_nss_idmap.
Additionally I've found one missing treatment of domain_name for
INP_NAME requests.
We are working with Jakub on tracking down what's wrong on SSSD side.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list