I've been working on rhbz#1401241 (https://bugzilla.redhat.com/show_bug.cgi?id=1401241) and I'd like to clarify some doubts that showed up.
So, let's consider that there's a group called "foo" and user "user" is part of this group. Group "foo" gets renamed to "bar'. Now. let me describe what I've found out considering "id_provider = ldap" and "id_provider = ad" - id_provider = ldap: cache has "foo" entry After renaming "foo" to "bar" cache has entry "bar" added both entries have the same gid - id_provider = ad cache has "foo" entry After renaming "foo" to "bar" nothing is changed in the cache Any of these situation look exactly right for me (and here I'm probably wrong). My expectations are that we should, for both cases: - check for the gid in the cache - update the entry So in the ldap case we would avoid having two entries with the same gid and in the ad case we would be able to properly the updated name of the group that the user is part of. Does it make sense? Summing up the questions: - When a group has its name changed, shall we update the entry that contains its name (and then all memberOf that contains the old name?)? - In case not, following what "id_provider = ad" does would be a good fix for the issue? Looking forward to hearing your opinion! Best Regards, -- Fabiano Fidêncio _______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org