[SSSD] [PATCH] Two fixes for subdomain krb5 offline auth
Hi,
I was playing with different offline krb5 authentication ways today when
testing Sumit's patches and I don't think the offline authentication of
subdomain users was correct. Attached are two patches -- one is just a
better error code, the other actually makes the SSSD search for the
right user entry during krb5 offline auth.
To test the first one, pause of shutdown a trusted AD while remaining
connected to the root domain AD.
Attachments:
- 0001-KRB5-Return-ERR_NETWORK_IO-when-trusted-AD-server-ca.patch (text/plain — 814 bytes)
- 0002-KRB5-Use-the-correct-domain-when-authenticating-with.patch (text/plain — 1.9 KB)