[SSSD-users] The SSSD and sIDHistory

Hello! A question, is it possible now, or would there be value in developing the ability, for the daemon to use the siDHistory attribute when id-mapping is used for users and groups that are migrated to new domains? If I assume correctly, normally there would not be a need for this because in direct integration mode id-mapping is constrained by the domain, so the object SID is the object SID. However, if you are migrating users to a new domain(s) (as the result of organisational changes or upgrades for example) it would be very useful if a specific value in the sIDHistory attribute could be referenced for id-mapping so POSIX file systems or other data relationships tied to UID/GID enumerations if they exist were not negatively impacted. And again, if I understand correctly indirect integration modes do not solve this potential issue if the target users reside in domains trusted by the IPA domain. Suggestions or feedback if I misunderstand, and if I do understand correctly is there a possibility of developing a solution for this use case? Many thanks as always, -- lawrence