On 09/04/2013 09:34 AM, Ondrej Kos wrote:
Hi,
Attached find two patches for issue
https://fedorahosted.org/sssd/ticket/1568
[PATCH 1/2]: LDAP: move sdap_get_initgr_state structure to private
header
- moves the initgr state structure to private header so it can be used
also in the ad initgroups module.
[PATCH 2/2] AD: Enable TokenGroups initgroups lookup
This is first implementation of getting TokenGroups lookup working.
If all of the group SIDs that are fetched via the users TokenGroups
attribute are in sysdb, the membership is processed this way. If any of
the groups is missing in the cache, it falls back to rfc2307bis
I'd file a ticket to enhance this to look up only groups which are
missing in the sysdb, as we talked about with Jakub.
Ondra
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
I forgot to mention, that this patch requires the sid group lookup patch
(already on the list)
Ondra
--
Ondrej Kos
Associate Software Engineer
Identity Management - SSSD
Red Hat Czech
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
