I've been working on rhbz#1401241
(https://bugzilla.redhat.com/show_bug.cgi?id=1401241) and I'd like to
clarify some doubts that showed up.

So, let's consider that there's a group called "foo" and user "user"
is part of this group. Group "foo" gets renamed to "bar". Now, let me
describe what I've found out considering "id_provider = ldap" and
"id_provider = ad":

- id_provider = ldap:
  cache has "foo" entry
  After renaming "foo" to "bar"
    cache has entry "bar" added
    both entries have the same gid

- id_provider = ad
  cache has "foo" entry
  After renaming "foo" to "bar"
    nothing is changed in the cache

Any of these situations look exactly right for me (and here I'm
probably wrong). My expectations are that we should, for both cases:
- check for the gid in the cache
- update the entry

So in the ldap case we would avoid having two entries with the same
gid and in the ad case we would be able to properly the updated name
of the group that the user is part of. Does it make sense?

Summing up the questions:
- When a group has its name changed, shall we update the entry that
contains its name (and then all memberOf that contains the old name?)?
- In case not, following what "id_provider = ad" does would be a good
fix for the issue?

Looking forward to hearing your opinion!

Best Regards,
--
Fabiano Fidêncio
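
The rename scenario from the message above, as a toy model added here for illustration. It is not part of the original message and not SSSD code: the dict-based cache, the function names and gid 5000 are all assumptions. It contrasts a save keyed only on the group name (the duplicate-gid result reported for "id_provider = ldap") with the proposed "check for the gid, update the entry" approach, including the memberOf rewrite.

```python
# Toy model of a group cache; NOT SSSD's sysdb API. All names are hypothetical.

def save_group_by_name(groups, name, gid):
    """Key only on the name: a renamed group is stored as a new entry."""
    groups.setdefault(name, {"gid": gid, "members": set()})["gid"] = gid

def save_group_by_gid(groups, member_of, name, gid):
    """Proposed flow: look the gid up first and rename the existing entry."""
    stale = [n for n, g in groups.items() if g["gid"] == gid and n != name]
    entry = groups.setdefault(name, {"gid": gid, "members": set()})
    entry["gid"] = gid
    for old in stale:
        # Carry the members over, then drop the entry with the old name.
        entry["members"] |= groups.pop(old)["members"]
        # Rewrite memberOf on every user that pointed at the old name.
        for names in member_of.values():
            if old in names:
                names.discard(old)
                names.add(name)
    return stale

def names_for_gid(groups, gid):
    """All cached group names that carry this gid."""
    return sorted(n for n, g in groups.items() if g["gid"] == gid)

def demo():
    # Constructed sample data: group "foo" (gid 5000) with member "user".
    def fresh():
        return ({"foo": {"gid": 5000, "members": {"user"}}}, {"user": {"foo"}})

    groups, member_of = fresh()
    save_group_by_name(groups, "bar", 5000)      # "foo" renamed to "bar"
    by_name = names_for_gid(groups, 5000)        # two names, one gid

    groups, member_of = fresh()
    save_group_by_gid(groups, member_of, "bar", 5000)
    by_gid = names_for_gid(groups, 5000)         # single entry, new name
    return by_name, by_gid, sorted(member_of["user"]), sorted(groups["bar"]["members"])

if __name__ == "__main__":
    print(demo())
```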