On Thu, Mar 20, 2014 at 08:17:21PM +0100, Jakub Hrozek wrote: > On Fri, Mar 14, 2014 at 04:52:03PM +0100, Pavel Reichl wrote: > > On Fri, 2014-03-14 at 11:21 -0400, Stephen Gallagher wrote: > > [snip] > > > > > > > > > Recommended rephrasing: > > > > > > NOTE: The value of this option must be at least as large as the > > > highest user RID planned for use on the Active Directory server. User > > > lookups and login will fail for any user whose RID is greater than > > > this value. > > > > > > For example, if your most recently-added Active Directory user has > > > objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, > > > <quote>ldap_idmap_range_size</quote> must be at least 1107. > > > > > > It is important to plan ahead for future expansion, as changing this > > > value will result in changing all of the ID mappings on the system, > > > leading to users with different local IDs than they previously had. > > > > Thank you Stephen for your prompt response and valuable input. > > > > New patch with recommended rephrasing is attached. > > > > As Stephen has reminded me on IRC, he can't formally ack this patch as he > was involved in crafting the error message. > > That said, the change looks good to me. > > ACK
Pushed to master. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
