URL: https://github.com/SSSD/sssd/pull/5251 Title: #5251: subdomains: allow to inherit case_sensitive=Preserving
sumit-bose commented: """ > > Hi, > > thanks for the rebase. I'm not sure I like the last patch. Why would you > > want to set `case_sensitive=Preserving` only on some clients and especially > > not on the server? Wouldn't this cause confusion? I would even say that it > > the SSSD side is fixed it might be better to ask FreeIPA to add a ipa > > config option to set `case_sensitive` for the whole domain and the SSSD use > > this new option. > > Do you suggest to add case_sensitive option in IPA similar to what we do with > e.g. domain_resolution_order? Yes, this would be the long term idea. However, in the meantime I think it is ok to require to set `case_sensitive=Preserving` on the IPA servers as well if you want to use it on the client and hence the last patch is not needed. > > > Addtionally, without any flags set `SSS_NSS_GETPWNAM_EX` should return the > > same result as `SSS_NSS_GETPWNAM`, so adding `Preserving` flag would be a > > solution, but this would require additional changes on the IPA side. > > Given IPA lower case what it gets then why it needs to return the same result? I think Alexander's comment was about IPA user and groups which are always lower case, AD users are not stored in LDAP. > > If you don't agree with the patch then I suggest to enable this for AD only > for now and see what we can do for IPA later (the customer behind this > requests it for AD provider). See above. If I understand it correctly by setting `case_sensitive=Preserving` in sssd.conf on the IPA servers the last patch is not needed, SSSD has to be updated anyways to make sure the option is inherited by the sub-domains (trusted AD domains). bye, Sumit """ See the full comment at https://github.com/SSSD/sssd/pull/5251#issuecomment-763797708
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
