[PATCH] extended the documentation of LDAP backend - sssd-devel - Fedora Mailing-Lists

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

[PATCH] extended the documentation of LDAP backend

[PATCH] use stored upn if...

[PATCH] Disallow all legacy...

Sumit Bose

Thursday, 20 August 2009 Thu, 20 Aug '09

8:42 a.m.

Hi, this patch extends the man page of the LDAP backend and added a configuration example for AD. bye, Sumit

Attachments:

0001-extended-the-documentation-of-LDAP-backend.patch (text/plain — 9.4 KB)

Reply

Show replies by date

Stephen Gallagher

Friday, 21 August Fri, 21 Aug

11:42 a.m.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/20/2009 09:42 AM, Sumit Bose wrote:

Hi, this patch extends the man page of the LDAP backend and added a configuration example for AD. bye, Sumit ------------------------------------------------------------------------ _______________________________________________ sssd-devel mailing list sssd-devel(a)lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel

Ack. One minor typo that I will fix when I push: + The LDAP attribute that list the user's + groupmenberships. Should be 'group memberships' - -- Stephen Gallagher RHCE 804006346421761 Looking to carve out IT costs? www.redhat.com/carveoutcosts/

...PGP SIGNATURE...

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkqOzosACgkQeiVVYja6o6PGswCfeEmHoeVowRakwWAUgtXOo27e tY8An3PtLh5vO8rQQL9tm8oUroAGlkGG =jV/6 -----END PGP SIGNATURE-----

Reply

Stephen Gallagher

11:57 a.m.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/21/2009 12:42 PM, Stephen Gallagher wrote:

On 08/20/2009 09:42 AM, Sumit Bose wrote: > Hi, > this patch extends the man page of the LDAP backend and added a > configuration example for AD. > bye, > Sumit > ------------------------------------------------------------------------ > _______________________________________________ > sssd-devel mailing list > sssd-devel(a)lists.fedorahosted.org > https://fedorahosted.org/mailman/listinfo/sssd-devel Ack. One minor typo that I will fix when I push: + The LDAP attribute that list the user's + groupmenberships. Should be 'group memberships'

Pushed to master. _______________________________________________ sssd-devel mailing list sssd-devel(a)lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel - -- Stephen Gallagher RHCE 804006346421761 Looking to carve out IT costs? www.redhat.com/carveoutcosts/

...PGP SIGNATURE...

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkqO0g8ACgkQeiVVYja6o6N95gCfSinyuSdHZc1/oGijLgsXssdN 7rEAn05qvs2ZkclcDj3X89BwBY1hOrRo =h3ls -----END PGP SIGNATURE-----

Reply

Simo Sorce

Sunday, 23 August Sun, 23 Aug

4:48 p.m.

On Thu, 2009-08-20 at 15:42 +0200, Sumit Bose wrote:

+; userName = msSFU30Name

Just noticed you are using the old MS SFU schema extensions as examples. These extensions are obsoleteed since Windows 2003 R2 came out, and I really don't think we should advertise them as a good default configuration. Windows 2003 R2 includes rfc2307 extensions, please use the attributes names specified there. HP has a nice doc about the mappings: http://docs.hp.com/en/J4269-90062/ar01s03.html?btnNext=next%A0%BB Simo. -- Simo Sorce * Red Hat, Inc * New York

Reply

Sumit Bose

Monday, 24 August Mon, 24 Aug

4:28 a.m.

On Sun, Aug 23, 2009 at 05:48:01PM -0400, Simo Sorce wrote:

On Thu, 2009-08-20 at 15:42 +0200, Sumit Bose wrote: > +; userName = msSFU30Name Just noticed you are using the old MS SFU schema extensions as examples. These extensions are obsoleteed since Windows 2003 R2 came out, and I really don't think we should advertise them as a good default configuration. Windows 2003 R2 includes rfc2307 extensions, please use the attributes names specified there. HP has a nice doc about the mappings: http://docs.hp.com/en/J4269-90062/ar01s03.html?btnNext=next%A0%BB

good point. I will make some test and update the example. Btw. I was thinking about introducing some meta-providers like files, where a number of sensible options is set in one run. For example 'provider=ADS' or 'provider=ADS_SFU' which will set the RFC2307 or SFU mappings respectively and other useful options. Another candidate would be 'provider=IPA'. With the DNS helper our config files would look quite simple: [domains/MYIPA.COM] provider = IPA [domains/MYADS.COM] provider = ADS What do you think about this? bye, Sumit

Reply

Simo Sorce

6:26 a.m.

On Mon, 2009-08-24 at 11:28 +0200, Sumit Bose wrote:

good point. I will make some test and update the example. Btw. I was thinking about introducing some meta-providers like files, where a number of sensible options is set in one run. For example 'provider=ADS' or 'provider=ADS_SFU' which will set the RFC2307 or SFU mappings respectively and other useful options. Another candidate would be 'provider=IPA'. With the DNS helper our config files would look quite simple: [domains/MYIPA.COM] provider = IPA [domains/MYADS.COM] provider = ADS What do you think about this?

It's an interesting idea, and would allow us to keep as much code as possible in common. Unless we find that the code becomes too full of switches I'd agree to go this way. Simo. -- Simo Sorce * Red Hat, Inc * New York

Reply

4439

days inactive

4443

days old

sssd-devel@lists.fedorahosted.org

Manage subscription

5 comments

3 participants

tags (0)

participants (3)

Simo Sorce
Stephen Gallagher
Sumit Bose