URL:
https://github.com/SSSD/sssd/pull/5529
Title: #5529: AD: read trusted domains from local domain as well
sumit-bose commented:
"""
Is it safe to remove `sdap_domain_remove` call? IIRC there was a
reason for it.
Hi,
I guess you are thinking of the domain-disable feature of FreeIPA which is not related to
the code here. However, it might be better to keep the removal since otherwise thanks to
offline authentication users from a domain removed from the forest would still be able to
log in until SSSD's cache is removed. I'll add `Change Requested`.
bye,
Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pull/5529#issuecomment-810281718