El mar, 07-10-2014 a las 20:01 -0400, Dmitri Pal escribió: > > The users and related information are not fetched until you > authenticate as this user. > The ability to fetch users and groups that are not yet authenticated > is tracked by the ticket https://fedorahosted.org/sssd/ticket/2159 and > will be addressed in the next version of SSSD. > How frequently do you really need to lookup unauthenticated AD users > and AD groups on linux systems? What is the use case? > > The ticket above is for the cases when there is an application that > needs to fetch the user so that admin of the application can assign > privileges to this user. But this is a pretty corner case.
It is a pretty common request when you configure a proxy server with authentication. You get the user's ticket but the user is not logged in on the system, so normal group membership via sssd won't work. Best regards -- Loris Santamaria linux user #70506 xmpp:[email protected] Links Global Services, C.A. http://www.lgs.com.ve Tel: 0286 952.06.87 Cel: 0414 095.00.10 sip:[email protected] ------------------------------------------------------------ "If I'd asked my customers what they wanted, they'd have said a faster horse" - Henry Ford -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
