[SSSD] [sssd PR#268][opened] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Author: sumit-bose Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT Action: opened PR body: """ This patchset got lost when I prepared the certificate mapping patch set. Applications like gdm with enabled Smartcard support will try t

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT abbra commented: """ Is there a technical reason sssd cannot discover what to do without `allow_missing_name` option to pam_sss? I'd prefer to avoid modifying PAM config files... """ S

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT sumit-bose commented: """ >Is there a technical reason sssd cannot discover what to do without >allow_missing_name option to pam_sss? I'd prefer to avoid modifying PAM config >files...

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT abbra commented: """ Still, why you cannot make that decision without an option's help? Sorry, I don't see a difference -- why by seeing a certificate `pam_sss` cannot defer decision to

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT sumit-bose commented: """ > Still, why you cannot make that decision without an option's help? Sorry, I > don't see a difference -- why by seeing a certificate pam_sss cannot defer > de

[SSSD] [sssd PR#259][comment] RESPONDER: Also populate cr_domains when initializing the responders

URL: https://github.com/SSSD/sssd/pull/259 Title: #259: RESPONDER: Also populate cr_domains when initializing the responders sumit-bose commented: """ jfyi, I think my suggested patch is not the right solution either because it will delay the startup time especially when the system is offline.

[SSSD] [sssd PR#268][comment] pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT

URL: https://github.com/SSSD/sssd/pull/268 Title: #268: pam_sss: add support for SSS_PAM_CERT_INFO_WITH_HINT abbra commented: """ I opened RFE https://pagure.io/SSSD/sssd/issue/3396 to discuss details of this. I believe "sending potentially bogus data to SSSD" is not an argument -- any process

[SSSD] [sssd PR#259][comment] RESPONDER: Also populate cr_domains when initializing the responders

URL: https://github.com/SSSD/sssd/pull/259 Title: #259: RESPONDER: Also populate cr_domains when initializing the responders pbrezina commented: """ Open the sockets but postpone reading from them? """ See the full comment at https://github.com/SSSD/sssd/pull/259#issuecomment-300757695 __

[SSSD] [sssd PR#269][opened] Add support for ActiveDirectory's logonHours restrictions

URL: https://github.com/SSSD/sssd/pull/269 Author: NWilson Title: #269: Add support for ActiveDirectory's logonHours restrictions Action: opened PR body: """ This is a straightforward patch for denying access to a user when the user is not permitted to access their account due to logonHours r

[SSSD] [sssd PR#269][comment] Add support for ActiveDirectory's logonHours restrictions

URL: https://github.com/SSSD/sssd/pull/269 Title: #269: Add support for ActiveDirectory's logonHours restrictions centos-ci commented: """ Can one of the admins verify this patch? """ See the full comment at https://github.com/SSSD/sssd/pull/269#issuecomment-300793133 _

[SSSD] [sssd PR#269][comment] Add support for ActiveDirectory's logonHours restrictions

URL: https://github.com/SSSD/sssd/pull/269 Title: #269: Add support for ActiveDirectory's logonHours restrictions centos-ci commented: """ Can one of the admins verify this patch? """ See the full comment at https://github.com/SSSD/sssd/pull/269#issuecomment-300793139 _

[SSSD] [sssd PR#269][edited] Add support for ActiveDirectory's logonHours restrictions

URL: https://github.com/SSSD/sssd/pull/269 Author: NWilson Title: #269: Add support for ActiveDirectory's logonHours restrictions Action: edited Changed field: body Original value: """ This is a straightforward patch for denying access to a user when the user is not permitted to access their

[SSSD] [sssd PR#269][comment] Add support for ActiveDirectory's logonHours restrictions

URL: https://github.com/SSSD/sssd/pull/269 Title: #269: Add support for ActiveDirectory's logonHours restrictions fidencio commented: """ ok to test """ See the full comment at https://github.com/SSSD/sssd/pull/269#issuecomment-300797835 ___ sssd-dev

[SSSD] [sssd PR#270][opened] Subdomains direct integration

URL: https://github.com/SSSD/sssd/pull/270 Author: mzidek-rh Title: #270: Subdomains direct integration Action: opened PR body: """ Note: I know the commit message misses an issue number. I will add it tomorrow when I clone the BZ. However this should not block the review. """ To pull the PR

[SSSD] [sssd PR#270][comment] Subdomains direct integration

URL: https://github.com/SSSD/sssd/pull/270 Title: #270: Subdomains direct integration mzidek-rh commented: """ Btw, we fixed practically the same issue in IPA subdomains code (from users perspective). The code for direct integration is completely different, but maybe we could reuse the same is