PR#43: Fix links to tickets users/relnotes/notes_1_15_3.rst - SSSD/docs

@@ -129,77 +129,77 @@

-  * `#3424 <https://pagure.io/SSSD/sssd/issue/#3424>`_ - calling nspr_nss_setup/cleanup repeatedly in sss_encrypt SIGABRTs NSS eventually

-  * `#3452 <https://pagure.io/SSSD/sssd/issue/#3452>`_ - ad_account_can_shortcut: allow shortcut for unhandled IDs

-  * `#3447 <https://pagure.io/SSSD/sssd/issue/#3447>`_ - files provider should not use LOCAL_pam_handler but call the backend

-  * `#3435 <https://pagure.io/SSSD/sssd/issue/#3435>`_ - Create a function to copy search bases between sdap_domain structures

-  * `#3431 <https://pagure.io/SSSD/sssd/issue/#3431>`_ - Loading enterprise principals doesn't work with a primed cache

-  * `#3426 <https://pagure.io/SSSD/sssd/issue/#3426>`_ - IPA client cannot change AD Trusted User password

-  * `#3418 <https://pagure.io/SSSD/sssd/issue/#3418>`_ - Segfault in access_provider = krb5 is set in sssd.conf due to an off-by-one error when constructing the child send buffer

-  * `#3410 <https://pagure.io/SSSD/sssd/issue/#3410>`_ - python-sssdconfig doesn't parse hexadecimal debug_level, resulting in set_option(): /usr/lib/python2.7/site-packages/SSSDConfig/__init__.py killed by TypeError

-  * `#3408 <https://pagure.io/SSSD/sssd/issue/#3408>`_ - Accept changed principal if krb5_canonicalize=True

-  * `#3404 <https://pagure.io/SSSD/sssd/issue/#3404>`_ - man: Update option "ipa_server_mode=True" in "man sssd-ipa"

-  * `#3403 <https://pagure.io/SSSD/sssd/issue/#3403>`_ - SSSD doesn't handle conflicts between users from trusted domains with the same name when shortname user resolution is enabled

-  * `#3398 <https://pagure.io/SSSD/sssd/issue/#3398>`_ - MAN: The timeout option doesn't say after how many heartbeats will the process be killed

-  * `#3397 <https://pagure.io/SSSD/sssd/issue/#3397>`_ - ad provider: Child domains always use autodiscovered search bases

-  * `#3393 <https://pagure.io/SSSD/sssd/issue/#3393>`_ - sss_nss_getlistbycert() does not return results from multiple domains

-  * `#3391 <https://pagure.io/SSSD/sssd/issue/#3391>`_ - sss_override doesn't work with files provider

-  * `#3389 <https://pagure.io/SSSD/sssd/issue/#3389>`_ - subdomain_homedir is not present in cfg_rules.ini

-  * `#3378 <https://pagure.io/SSSD/sssd/issue/#3378>`_ - domain_to_basedn() function should use SDAP_SEARCH_BASE value from the domain code

-  * `#3377 <https://pagure.io/SSSD/sssd/issue/#3377>`_ - sssd-ad man page should clarify that GSSAPI is used

-  * `#3375 <https://pagure.io/SSSD/sssd/issue/#3375>`_ - minor typo fix that might have big impact

-  * `#3361 <https://pagure.io/SSSD/sssd/issue/#3361>`_ - sssd_be crashes if ad_enabled_domains is selected

-  * `#3359 <https://pagure.io/SSSD/sssd/issue/#3359>`_ - Allow to disable krb5 locator plugin selectively

-  * `#3358 <https://pagure.io/SSSD/sssd/issue/#3358>`_ - [abrt] [faf] sssd: vfprintf(): /usr/libexec/sssd/sssd_be killed by 11

-  * `#3354 <https://pagure.io/SSSD/sssd/issue/#3354>`_ - ifp: Users.FindByCertificate fails when certificate contains data before encapsilation boundary

-  * `#3344 <https://pagure.io/SSSD/sssd/issue/#3344>`_ - Include sssd-secrets in SEE ALSO section of sssd.conf man page

-  * `#3343 <https://pagure.io/SSSD/sssd/issue/#3343>`_ - Properly fall back to local Smartcard authentication

-  * `#3340 <https://pagure.io/SSSD/sssd/issue/#3340>`_ - The option enable_files_domain does not work if sssd is not compiled with --enable-files-domain

-  * `#3339 <https://pagure.io/SSSD/sssd/issue/#3339>`_ - sssd failed to start with missing /etc/sssd/sssd.conf if compiled without --enable-files-domain

-  * `#3332 <https://pagure.io/SSSD/sssd/issue/#3332>`_ - Issue processing ssh keys from certificates in ssh respoder

-  * `#3448 <https://pagure.io/SSSD/sssd/issue/#3448>`_ - Idle nss file descriptors should be closed

-  * `#3428 <https://pagure.io/SSSD/sssd/issue/#3428>`_ - getent failed to fetch netgroup information after changing default_domain_suffix to ADdomin in /etc/sssd/sssd.conf

-  * `#3356 <https://pagure.io/SSSD/sssd/issue/#3356>`_ - Config file validator doesn't process entries from application domain

-  * `#3331 <https://pagure.io/SSSD/sssd/issue/#3331>`_ - Wrong pam return code for user from subdomain with

-  * `#3329 <https://pagure.io/SSSD/sssd/issue/#3329>`_ - Wrong principal found with ad provider and long host name

-  * `#3421 <https://pagure.io/SSSD/sssd/issue/#3421>`_ - Wrong search base used when SSSD is directly connected to AD child domain

-  * `#3406 <https://pagure.io/SSSD/sssd/issue/#3406>`_ - sssd goes offline when renewing expired ticket

-  * `#3394 <https://pagure.io/SSSD/sssd/issue/#3394>`_ - LDAP to IPA migration doesn't work in master

-  * `#3392 <https://pagure.io/SSSD/sssd/issue/#3392>`_ - org.freedesktop.sssd.infopipe.GetUserGroups does not resolve groups into names with AD

-  * `#3382 <https://pagure.io/SSSD/sssd/issue/#3382>`_ - SSSD should use memberOf, not originalMemberOf to evaluate group membership for HBAC rules

-  * `#3381 <https://pagure.io/SSSD/sssd/issue/#3381>`_ - Per-subdomain LDAP filter is not applied for subsequent subdomains

-  * `#3373 <https://pagure.io/SSSD/sssd/issue/#3373>`_ - Infopipe method ListByCertificate does not return the users with overrides

-  * `#3372 <https://pagure.io/SSSD/sssd/issue/#3372>`_ - crash in sssd-kcm due to a race-condition between two concurrent requests

-  * `#3369 <https://pagure.io/SSSD/sssd/issue/#3369>`_ - ldap_purge_cache_timeout in RHEL7.3 invalidate most of the entries once the cleanup task kicks in

-  * `#3362 <https://pagure.io/SSSD/sssd/issue/#3362>`_ - fiter_users and filter_groups stop working properly in v 1.15

-  * `#3351 <https://pagure.io/SSSD/sssd/issue/#3351>`_ - User lookup failure due to search-base handling

-  * `#3347 <https://pagure.io/SSSD/sssd/issue/#3347>`_ - gpo_child fails when log is enabled in smb

-  * `#3318 <https://pagure.io/SSSD/sssd/issue/#3318>`_ - SSSD in server mode iterates over all domains for group-by-GID requests, causing unnecessary searches

-  * `#3310 <https://pagure.io/SSSD/sssd/issue/#3310>`_ - Support delivering non-POSIX users and groups through the IFP and PAM interfaces

-  * `#3050 <https://pagure.io/SSSD/sssd/issue/#3050>`_ - [RFE] Use one smartcard and certificate for authentication to distinct logon accounts

-  * `#3001 <https://pagure.io/SSSD/sssd/issue/#3001>`_ - [RFE] Short name input format with SSSD for users from all domains when domain autodiscovery is used or when SSSD acts as an IPA client for server with IPA-AD trusts

-  * `#2887 <https://pagure.io/SSSD/sssd/issue/#2887>`_ - [RFE] KCM ccache daemon in SSSD

-  * `#3419 <https://pagure.io/SSSD/sssd/issue/#3419>`_ - krb5: properly handle 'password expired' information retured by the KDC during PKINIT/Smartcard authentication

-  * `#3407 <https://pagure.io/SSSD/sssd/issue/#3407>`_ - IPA: do not lookup IPA users via extdom plugin

-  * `#3405 <https://pagure.io/SSSD/sssd/issue/#3405>`_ - Handle certmap errors gracefully during user lookups

-  * `#3395 <https://pagure.io/SSSD/sssd/issue/#3395>`_ - Properly support IPA's promptusername config option

-  * `#3387 <https://pagure.io/SSSD/sssd/issue/#3387>`_ - Dbus activate InfoPipe does not answer some initial request

-  * `#3385 <https://pagure.io/SSSD/sssd/issue/#3385>`_ - Smart card login fails if same cert mapped to IdM user and AD user

-  * `#3355 <https://pagure.io/SSSD/sssd/issue/#3355>`_ - application domain requires inherit_from and cannot be used separately

-  * `#3327 <https://pagure.io/SSSD/sssd/issue/#3327>`_ - expect sss_ssh_authorizedkeys and sss_ssh_knownhostsproxy manuals to be packaged into sssd-common package

-  * `#3297 <https://pagure.io/SSSD/sssd/issue/#3297>`_ - selinux_provider fails in a container if libsemanage is not available

-  * `#3268 <https://pagure.io/SSSD/sssd/issue/#3268>`_ - D-Bus GetUserGroups method of sssd is always qualifying all group names

-  * `#3240 <https://pagure.io/SSSD/sssd/issue/#3240>`_ - Smartcard authentication with UPN as logon name might fail

-  * `#3210 <https://pagure.io/SSSD/sssd/issue/#3210>`_ - [RFE] Read prioritized list of trusted domains for unqualified ID resolution from IDM server

-  * `#3192 <https://pagure.io/SSSD/sssd/issue/#3192>`_ - [sssd-secrets] https proxy talks plain http

-  * `#3182 <https://pagure.io/SSSD/sssd/issue/#3182>`_ - sssd does not refresh expired cache entries with enumerate=true

-  * `#3065 <https://pagure.io/SSSD/sssd/issue/#3065>`_ - sssctl: distinguish between autodiscovered and joined domains

-  * `#2940 <https://pagure.io/SSSD/sssd/issue/#2940>`_ - The member link is not removed when the last group's nested member goes away

-  * `#2714 <https://pagure.io/SSSD/sssd/issue/#2714>`_ - Add SSSD domain as property to user on D-Bus

-  * `#1498 <https://pagure.io/SSSD/sssd/issue/#1498>`_ - sss_ssh_knownhostsproxy prevents connection if the network is unreachable via one IP address

-  * `#3330 <https://pagure.io/SSSD/sssd/issue/#3330>`_ - sssctl config-check does not give any error when default configuration file is not present

-  * `#3292 <https://pagure.io/SSSD/sssd/issue/#3292>`_ - RFE: Create troubleshooting tool to check authentication, authorization and extended attribute lookup

-  * `#3133 <https://pagure.io/SSSD/sssd/issue/#3133>`_ - RFE to add option of check user access in SSSD

+  * `#3424 <https://pagure.io/SSSD/sssd/issue/3424>`_ - calling nspr_nss_setup/cleanup repeatedly in sss_encrypt SIGABRTs NSS eventually

+  * `#3452 <https://pagure.io/SSSD/sssd/issue/3452>`_ - ad_account_can_shortcut: allow shortcut for unhandled IDs

+  * `#3447 <https://pagure.io/SSSD/sssd/issue/3447>`_ - files provider should not use LOCAL_pam_handler but call the backend

+  * `#3435 <https://pagure.io/SSSD/sssd/issue/3435>`_ - Create a function to copy search bases between sdap_domain structures

+  * `#3431 <https://pagure.io/SSSD/sssd/issue/3431>`_ - Loading enterprise principals doesn't work with a primed cache

+  * `#3426 <https://pagure.io/SSSD/sssd/issue/3426>`_ - IPA client cannot change AD Trusted User password

+  * `#3418 <https://pagure.io/SSSD/sssd/issue/3418>`_ - Segfault in access_provider = krb5 is set in sssd.conf due to an off-by-one error when constructing the child send buffer

+  * `#3410 <https://pagure.io/SSSD/sssd/issue/3410>`_ - python-sssdconfig doesn't parse hexadecimal debug_level, resulting in set_option(): /usr/lib/python2.7/site-packages/SSSDConfig/__init__.py killed by TypeError

+  * `#3408 <https://pagure.io/SSSD/sssd/issue/3408>`_ - Accept changed principal if krb5_canonicalize=True

+  * `#3404 <https://pagure.io/SSSD/sssd/issue/3404>`_ - man: Update option "ipa_server_mode=True" in "man sssd-ipa"

+  * `#3403 <https://pagure.io/SSSD/sssd/issue/3403>`_ - SSSD doesn't handle conflicts between users from trusted domains with the same name when shortname user resolution is enabled

+  * `#3398 <https://pagure.io/SSSD/sssd/issue/3398>`_ - MAN: The timeout option doesn't say after how many heartbeats will the process be killed

+  * `#3397 <https://pagure.io/SSSD/sssd/issue/3397>`_ - ad provider: Child domains always use autodiscovered search bases

+  * `#3393 <https://pagure.io/SSSD/sssd/issue/3393>`_ - sss_nss_getlistbycert() does not return results from multiple domains

+  * `#3391 <https://pagure.io/SSSD/sssd/issue/3391>`_ - sss_override doesn't work with files provider

+  * `#3389 <https://pagure.io/SSSD/sssd/issue/3389>`_ - subdomain_homedir is not present in cfg_rules.ini

+  * `#3378 <https://pagure.io/SSSD/sssd/issue/3378>`_ - domain_to_basedn() function should use SDAP_SEARCH_BASE value from the domain code

+  * `#3377 <https://pagure.io/SSSD/sssd/issue/3377>`_ - sssd-ad man page should clarify that GSSAPI is used

+  * `#3375 <https://pagure.io/SSSD/sssd/issue/3375>`_ - minor typo fix that might have big impact

+  * `#3361 <https://pagure.io/SSSD/sssd/issue/3361>`_ - sssd_be crashes if ad_enabled_domains is selected

+  * `#3359 <https://pagure.io/SSSD/sssd/issue/3359>`_ - Allow to disable krb5 locator plugin selectively

+  * `#3358 <https://pagure.io/SSSD/sssd/issue/3358>`_ - [abrt] [faf] sssd: vfprintf(): /usr/libexec/sssd/sssd_be killed by 11

+  * `#3354 <https://pagure.io/SSSD/sssd/issue/3354>`_ - ifp: Users.FindByCertificate fails when certificate contains data before encapsilation boundary

+  * `#3344 <https://pagure.io/SSSD/sssd/issue/3344>`_ - Include sssd-secrets in SEE ALSO section of sssd.conf man page

+  * `#3343 <https://pagure.io/SSSD/sssd/issue/3343>`_ - Properly fall back to local Smartcard authentication

+  * `#3340 <https://pagure.io/SSSD/sssd/issue/3340>`_ - The option enable_files_domain does not work if sssd is not compiled with --enable-files-domain

+  * `#3339 <https://pagure.io/SSSD/sssd/issue/3339>`_ - sssd failed to start with missing /etc/sssd/sssd.conf if compiled without --enable-files-domain

+  * `#3332 <https://pagure.io/SSSD/sssd/issue/3332>`_ - Issue processing ssh keys from certificates in ssh respoder

+  * `#3448 <https://pagure.io/SSSD/sssd/issue/3448>`_ - Idle nss file descriptors should be closed

+  * `#3428 <https://pagure.io/SSSD/sssd/issue/3428>`_ - getent failed to fetch netgroup information after changing default_domain_suffix to ADdomin in /etc/sssd/sssd.conf

+  * `#3356 <https://pagure.io/SSSD/sssd/issue/3356>`_ - Config file validator doesn't process entries from application domain

+  * `#3331 <https://pagure.io/SSSD/sssd/issue/3331>`_ - Wrong pam return code for user from subdomain with

+  * `#3329 <https://pagure.io/SSSD/sssd/issue/3329>`_ - Wrong principal found with ad provider and long host name

+  * `#3421 <https://pagure.io/SSSD/sssd/issue/3421>`_ - Wrong search base used when SSSD is directly connected to AD child domain

+  * `#3406 <https://pagure.io/SSSD/sssd/issue/3406>`_ - sssd goes offline when renewing expired ticket

+  * `#3394 <https://pagure.io/SSSD/sssd/issue/3394>`_ - LDAP to IPA migration doesn't work in master

+  * `#3392 <https://pagure.io/SSSD/sssd/issue/3392>`_ - org.freedesktop.sssd.infopipe.GetUserGroups does not resolve groups into names with AD

+  * `#3382 <https://pagure.io/SSSD/sssd/issue/3382>`_ - SSSD should use memberOf, not originalMemberOf to evaluate group membership for HBAC rules

+  * `#3381 <https://pagure.io/SSSD/sssd/issue/3381>`_ - Per-subdomain LDAP filter is not applied for subsequent subdomains

+  * `#3373 <https://pagure.io/SSSD/sssd/issue/3373>`_ - Infopipe method ListByCertificate does not return the users with overrides

+  * `#3372 <https://pagure.io/SSSD/sssd/issue/3372>`_ - crash in sssd-kcm due to a race-condition between two concurrent requests

+  * `#3369 <https://pagure.io/SSSD/sssd/issue/3369>`_ - ldap_purge_cache_timeout in RHEL7.3 invalidate most of the entries once the cleanup task kicks in

+  * `#3362 <https://pagure.io/SSSD/sssd/issue/3362>`_ - fiter_users and filter_groups stop working properly in v 1.15

+  * `#3351 <https://pagure.io/SSSD/sssd/issue/3351>`_ - User lookup failure due to search-base handling

+  * `#3347 <https://pagure.io/SSSD/sssd/issue/3347>`_ - gpo_child fails when log is enabled in smb

+  * `#3318 <https://pagure.io/SSSD/sssd/issue/3318>`_ - SSSD in server mode iterates over all domains for group-by-GID requests, causing unnecessary searches

+  * `#3310 <https://pagure.io/SSSD/sssd/issue/3310>`_ - Support delivering non-POSIX users and groups through the IFP and PAM interfaces

+  * `#3050 <https://pagure.io/SSSD/sssd/issue/3050>`_ - [RFE] Use one smartcard and certificate for authentication to distinct logon accounts

+  * `#3001 <https://pagure.io/SSSD/sssd/issue/3001>`_ - [RFE] Short name input format with SSSD for users from all domains when domain autodiscovery is used or when SSSD acts as an IPA client for server with IPA-AD trusts

+  * `#2887 <https://pagure.io/SSSD/sssd/issue/2887>`_ - [RFE] KCM ccache daemon in SSSD

+  * `#3419 <https://pagure.io/SSSD/sssd/issue/3419>`_ - krb5: properly handle 'password expired' information retured by the KDC during PKINIT/Smartcard authentication

+  * `#3407 <https://pagure.io/SSSD/sssd/issue/3407>`_ - IPA: do not lookup IPA users via extdom plugin

+  * `#3405 <https://pagure.io/SSSD/sssd/issue/3405>`_ - Handle certmap errors gracefully during user lookups

+  * `#3395 <https://pagure.io/SSSD/sssd/issue/3395>`_ - Properly support IPA's promptusername config option

+  * `#3387 <https://pagure.io/SSSD/sssd/issue/3387>`_ - Dbus activate InfoPipe does not answer some initial request

+  * `#3385 <https://pagure.io/SSSD/sssd/issue/3385>`_ - Smart card login fails if same cert mapped to IdM user and AD user

+  * `#3355 <https://pagure.io/SSSD/sssd/issue/3355>`_ - application domain requires inherit_from and cannot be used separately

+  * `#3327 <https://pagure.io/SSSD/sssd/issue/3327>`_ - expect sss_ssh_authorizedkeys and sss_ssh_knownhostsproxy manuals to be packaged into sssd-common package

+  * `#3297 <https://pagure.io/SSSD/sssd/issue/3297>`_ - selinux_provider fails in a container if libsemanage is not available

+  * `#3268 <https://pagure.io/SSSD/sssd/issue/3268>`_ - D-Bus GetUserGroups method of sssd is always qualifying all group names

+  * `#3240 <https://pagure.io/SSSD/sssd/issue/3240>`_ - Smartcard authentication with UPN as logon name might fail

+  * `#3210 <https://pagure.io/SSSD/sssd/issue/3210>`_ - [RFE] Read prioritized list of trusted domains for unqualified ID resolution from IDM server

+  * `#3192 <https://pagure.io/SSSD/sssd/issue/3192>`_ - [sssd-secrets] https proxy talks plain http

+  * `#3182 <https://pagure.io/SSSD/sssd/issue/3182>`_ - sssd does not refresh expired cache entries with enumerate=true

+  * `#3065 <https://pagure.io/SSSD/sssd/issue/3065>`_ - sssctl: distinguish between autodiscovered and joined domains

+  * `#2940 <https://pagure.io/SSSD/sssd/issue/2940>`_ - The member link is not removed when the last group's nested member goes away

+  * `#2714 <https://pagure.io/SSSD/sssd/issue/2714>`_ - Add SSSD domain as property to user on D-Bus

+  * `#1498 <https://pagure.io/SSSD/sssd/issue/1498>`_ - sss_ssh_knownhostsproxy prevents connection if the network is unreachable via one IP address

+  * `#3330 <https://pagure.io/SSSD/sssd/issue/3330>`_ - sssctl config-check does not give any error when default configuration file is not present

+  * `#3292 <https://pagure.io/SSSD/sssd/issue/3292>`_ - RFE: Create troubleshooting tool to check authentication, authorization and extended attribute lookup

+  * `#3133 <https://pagure.io/SSSD/sssd/issue/3133>`_ - RFE to add option of check user access in SSSD

SSSD / docs

#43 Fix links to tickets users/relnotes/notes_1_15_3.rst

Merged 6 years ago by jhrozek. Opened 6 years ago by lslebodn.

SSSD/ lslebodn/docs master into master

Metadata

Changes Summary 1

		`@@ -129,77 +129,77 @@`

		`Tickets Fixed`
		`-------------`
		- * `#3424 <https://pagure.io/SSSD/sssd/issue/#3424>`_ - calling nspr_nss_setup/cleanup repeatedly in sss_encrypt SIGABRTs NSS eventually
		- * `#3452 <https://pagure.io/SSSD/sssd/issue/#3452>`_ - ad_account_can_shortcut: allow shortcut for unhandled IDs
		- * `#3447 <https://pagure.io/SSSD/sssd/issue/#3447>`_ - files provider should not use LOCAL_pam_handler but call the backend
		- * `#3435 <https://pagure.io/SSSD/sssd/issue/#3435>`_ - Create a function to copy search bases between sdap_domain structures
		- * `#3431 <https://pagure.io/SSSD/sssd/issue/#3431>`_ - Loading enterprise principals doesn't work with a primed cache
		- * `#3426 <https://pagure.io/SSSD/sssd/issue/#3426>`_ - IPA client cannot change AD Trusted User password
		- * `#3418 <https://pagure.io/SSSD/sssd/issue/#3418>`_ - Segfault in access_provider = krb5 is set in sssd.conf due to an off-by-one error when constructing the child send buffer
		- * `#3410 <https://pagure.io/SSSD/sssd/issue/#3410>`_ - python-sssdconfig doesn't parse hexadecimal debug_level, resulting in set_option(): /usr/lib/python2.7/site-packages/SSSDConfig/__init__.py killed by TypeError
		- * `#3408 <https://pagure.io/SSSD/sssd/issue/#3408>`_ - Accept changed principal if krb5_canonicalize=True
		- * `#3404 <https://pagure.io/SSSD/sssd/issue/#3404>`_ - man: Update option "ipa_server_mode=True" in "man sssd-ipa"
		- * `#3403 <https://pagure.io/SSSD/sssd/issue/#3403>`_ - SSSD doesn't handle conflicts between users from trusted domains with the same name when shortname user resolution is enabled
		- * `#3398 <https://pagure.io/SSSD/sssd/issue/#3398>`_ - MAN: The timeout option doesn't say after how many heartbeats will the process be killed
		- * `#3397 <https://pagure.io/SSSD/sssd/issue/#3397>`_ - ad provider: Child domains always use autodiscovered search bases
		- * `#3393 <https://pagure.io/SSSD/sssd/issue/#3393>`_ - sss_nss_getlistbycert() does not return results from multiple domains
		- * `#3391 <https://pagure.io/SSSD/sssd/issue/#3391>`_ - sss_override doesn't work with files provider
		- * `#3389 <https://pagure.io/SSSD/sssd/issue/#3389>`_ - subdomain_homedir is not present in cfg_rules.ini
		- * `#3378 <https://pagure.io/SSSD/sssd/issue/#3378>`_ - domain_to_basedn() function should use SDAP_SEARCH_BASE value from the domain code
		- * `#3377 <https://pagure.io/SSSD/sssd/issue/#3377>`_ - sssd-ad man page should clarify that GSSAPI is used
		- * `#3375 <https://pagure.io/SSSD/sssd/issue/#3375>`_ - minor typo fix that might have big impact
		- * `#3361 <https://pagure.io/SSSD/sssd/issue/#3361>`_ - sssd_be crashes if ad_enabled_domains is selected
		- * `#3359 <https://pagure.io/SSSD/sssd/issue/#3359>`_ - Allow to disable krb5 locator plugin selectively
		- * `#3358 <https://pagure.io/SSSD/sssd/issue/#3358>`_ - [abrt] [faf] sssd: vfprintf(): /usr/libexec/sssd/sssd_be killed by 11
		- * `#3354 <https://pagure.io/SSSD/sssd/issue/#3354>`_ - ifp: Users.FindByCertificate fails when certificate contains data before encapsilation boundary
		- * `#3344 <https://pagure.io/SSSD/sssd/issue/#3344>`_ - Include sssd-secrets in SEE ALSO section of sssd.conf man page
		- * `#3343 <https://pagure.io/SSSD/sssd/issue/#3343>`_ - Properly fall back to local Smartcard authentication
		- * `#3340 <https://pagure.io/SSSD/sssd/issue/#3340>`_ - The option enable_files_domain does not work if sssd is not compiled with --enable-files-domain
		- * `#3339 <https://pagure.io/SSSD/sssd/issue/#3339>`_ - sssd failed to start with missing /etc/sssd/sssd.conf if compiled without --enable-files-domain
		- * `#3332 <https://pagure.io/SSSD/sssd/issue/#3332>`_ - Issue processing ssh keys from certificates in ssh respoder
		- * `#3448 <https://pagure.io/SSSD/sssd/issue/#3448>`_ - Idle nss file descriptors should be closed
		- * `#3428 <https://pagure.io/SSSD/sssd/issue/#3428>`_ - getent failed to fetch netgroup information after changing default_domain_suffix to ADdomin in /etc/sssd/sssd.conf
		- * `#3356 <https://pagure.io/SSSD/sssd/issue/#3356>`_ - Config file validator doesn't process entries from application domain
		- * `#3331 <https://pagure.io/SSSD/sssd/issue/#3331>`_ - Wrong pam return code for user from subdomain with
		- * `#3329 <https://pagure.io/SSSD/sssd/issue/#3329>`_ - Wrong principal found with ad provider and long host name
		- * `#3421 <https://pagure.io/SSSD/sssd/issue/#3421>`_ - Wrong search base used when SSSD is directly connected to AD child domain
		- * `#3406 <https://pagure.io/SSSD/sssd/issue/#3406>`_ - sssd goes offline when renewing expired ticket
		- * `#3394 <https://pagure.io/SSSD/sssd/issue/#3394>`_ - LDAP to IPA migration doesn't work in master
		- * `#3392 <https://pagure.io/SSSD/sssd/issue/#3392>`_ - org.freedesktop.sssd.infopipe.GetUserGroups does not resolve groups into names with AD
		- * `#3382 <https://pagure.io/SSSD/sssd/issue/#3382>`_ - SSSD should use memberOf, not originalMemberOf to evaluate group membership for HBAC rules
		- * `#3381 <https://pagure.io/SSSD/sssd/issue/#3381>`_ - Per-subdomain LDAP filter is not applied for subsequent subdomains
		- * `#3373 <https://pagure.io/SSSD/sssd/issue/#3373>`_ - Infopipe method ListByCertificate does not return the users with overrides
		- * `#3372 <https://pagure.io/SSSD/sssd/issue/#3372>`_ - crash in sssd-kcm due to a race-condition between two concurrent requests
		- * `#3369 <https://pagure.io/SSSD/sssd/issue/#3369>`_ - ldap_purge_cache_timeout in RHEL7.3 invalidate most of the entries once the cleanup task kicks in
		- * `#3362 <https://pagure.io/SSSD/sssd/issue/#3362>`_ - fiter_users and filter_groups stop working properly in v 1.15
		- * `#3351 <https://pagure.io/SSSD/sssd/issue/#3351>`_ - User lookup failure due to search-base handling
		- * `#3347 <https://pagure.io/SSSD/sssd/issue/#3347>`_ - gpo_child fails when log is enabled in smb
		- * `#3318 <https://pagure.io/SSSD/sssd/issue/#3318>`_ - SSSD in server mode iterates over all domains for group-by-GID requests, causing unnecessary searches
		- * `#3310 <https://pagure.io/SSSD/sssd/issue/#3310>`_ - Support delivering non-POSIX users and groups through the IFP and PAM interfaces
		- * `#3050 <https://pagure.io/SSSD/sssd/issue/#3050>`_ - [RFE] Use one smartcard and certificate for authentication to distinct logon accounts
		- * `#3001 <https://pagure.io/SSSD/sssd/issue/#3001>`_ - [RFE] Short name input format with SSSD for users from all domains when domain autodiscovery is used or when SSSD acts as an IPA client for server with IPA-AD trusts
		- * `#2887 <https://pagure.io/SSSD/sssd/issue/#2887>`_ - [RFE] KCM ccache daemon in SSSD
		- * `#3419 <https://pagure.io/SSSD/sssd/issue/#3419>`_ - krb5: properly handle 'password expired' information retured by the KDC during PKINIT/Smartcard authentication
		- * `#3407 <https://pagure.io/SSSD/sssd/issue/#3407>`_ - IPA: do not lookup IPA users via extdom plugin
		- * `#3405 <https://pagure.io/SSSD/sssd/issue/#3405>`_ - Handle certmap errors gracefully during user lookups
		- * `#3395 <https://pagure.io/SSSD/sssd/issue/#3395>`_ - Properly support IPA's promptusername config option
		- * `#3387 <https://pagure.io/SSSD/sssd/issue/#3387>`_ - Dbus activate InfoPipe does not answer some initial request
		- * `#3385 <https://pagure.io/SSSD/sssd/issue/#3385>`_ - Smart card login fails if same cert mapped to IdM user and AD user
		- * `#3355 <https://pagure.io/SSSD/sssd/issue/#3355>`_ - application domain requires inherit_from and cannot be used separately
		- * `#3327 <https://pagure.io/SSSD/sssd/issue/#3327>`_ - expect sss_ssh_authorizedkeys and sss_ssh_knownhostsproxy manuals to be packaged into sssd-common package
		- * `#3297 <https://pagure.io/SSSD/sssd/issue/#3297>`_ - selinux_provider fails in a container if libsemanage is not available
		- * `#3268 <https://pagure.io/SSSD/sssd/issue/#3268>`_ - D-Bus GetUserGroups method of sssd is always qualifying all group names
		- * `#3240 <https://pagure.io/SSSD/sssd/issue/#3240>`_ - Smartcard authentication with UPN as logon name might fail
		- * `#3210 <https://pagure.io/SSSD/sssd/issue/#3210>`_ - [RFE] Read prioritized list of trusted domains for unqualified ID resolution from IDM server
		- * `#3192 <https://pagure.io/SSSD/sssd/issue/#3192>`_ - [sssd-secrets] https proxy talks plain http
		- * `#3182 <https://pagure.io/SSSD/sssd/issue/#3182>`_ - sssd does not refresh expired cache entries with enumerate=true
		- * `#3065 <https://pagure.io/SSSD/sssd/issue/#3065>`_ - sssctl: distinguish between autodiscovered and joined domains
		- * `#2940 <https://pagure.io/SSSD/sssd/issue/#2940>`_ - The member link is not removed when the last group's nested member goes away
		- * `#2714 <https://pagure.io/SSSD/sssd/issue/#2714>`_ - Add SSSD domain as property to user on D-Bus
		- * `#1498 <https://pagure.io/SSSD/sssd/issue/#1498>`_ - sss_ssh_knownhostsproxy prevents connection if the network is unreachable via one IP address
		- * `#3330 <https://pagure.io/SSSD/sssd/issue/#3330>`_ - sssctl config-check does not give any error when default configuration file is not present
		- * `#3292 <https://pagure.io/SSSD/sssd/issue/#3292>`_ - RFE: Create troubleshooting tool to check authentication, authorization and extended attribute lookup
		- * `#3133 <https://pagure.io/SSSD/sssd/issue/#3133>`_ - RFE to add option of check user access in SSSD
		+ * `#3424 <https://pagure.io/SSSD/sssd/issue/3424>`_ - calling nspr_nss_setup/cleanup repeatedly in sss_encrypt SIGABRTs NSS eventually
		+ * `#3452 <https://pagure.io/SSSD/sssd/issue/3452>`_ - ad_account_can_shortcut: allow shortcut for unhandled IDs
		+ * `#3447 <https://pagure.io/SSSD/sssd/issue/3447>`_ - files provider should not use LOCAL_pam_handler but call the backend
		+ * `#3435 <https://pagure.io/SSSD/sssd/issue/3435>`_ - Create a function to copy search bases between sdap_domain structures
		+ * `#3431 <https://pagure.io/SSSD/sssd/issue/3431>`_ - Loading enterprise principals doesn't work with a primed cache
		+ * `#3426 <https://pagure.io/SSSD/sssd/issue/3426>`_ - IPA client cannot change AD Trusted User password
		+ * `#3418 <https://pagure.io/SSSD/sssd/issue/3418>`_ - Segfault in access_provider = krb5 is set in sssd.conf due to an off-by-one error when constructing the child send buffer
		+ * `#3410 <https://pagure.io/SSSD/sssd/issue/3410>`_ - python-sssdconfig doesn't parse hexadecimal debug_level, resulting in set_option(): /usr/lib/python2.7/site-packages/SSSDConfig/__init__.py killed by TypeError
		+ * `#3408 <https://pagure.io/SSSD/sssd/issue/3408>`_ - Accept changed principal if krb5_canonicalize=True
		+ * `#3404 <https://pagure.io/SSSD/sssd/issue/3404>`_ - man: Update option "ipa_server_mode=True" in "man sssd-ipa"
		+ * `#3403 <https://pagure.io/SSSD/sssd/issue/3403>`_ - SSSD doesn't handle conflicts between users from trusted domains with the same name when shortname user resolution is enabled
		+ * `#3398 <https://pagure.io/SSSD/sssd/issue/3398>`_ - MAN: The timeout option doesn't say after how many heartbeats will the process be killed
		+ * `#3397 <https://pagure.io/SSSD/sssd/issue/3397>`_ - ad provider: Child domains always use autodiscovered search bases
		+ * `#3393 <https://pagure.io/SSSD/sssd/issue/3393>`_ - sss_nss_getlistbycert() does not return results from multiple domains
		+ * `#3391 <https://pagure.io/SSSD/sssd/issue/3391>`_ - sss_override doesn't work with files provider
		+ * `#3389 <https://pagure.io/SSSD/sssd/issue/3389>`_ - subdomain_homedir is not present in cfg_rules.ini
		+ * `#3378 <https://pagure.io/SSSD/sssd/issue/3378>`_ - domain_to_basedn() function should use SDAP_SEARCH_BASE value from the domain code
		+ * `#3377 <https://pagure.io/SSSD/sssd/issue/3377>`_ - sssd-ad man page should clarify that GSSAPI is used
		+ * `#3375 <https://pagure.io/SSSD/sssd/issue/3375>`_ - minor typo fix that might have big impact
		+ * `#3361 <https://pagure.io/SSSD/sssd/issue/3361>`_ - sssd_be crashes if ad_enabled_domains is selected
		+ * `#3359 <https://pagure.io/SSSD/sssd/issue/3359>`_ - Allow to disable krb5 locator plugin selectively
		+ * `#3358 <https://pagure.io/SSSD/sssd/issue/3358>`_ - [abrt] [faf] sssd: vfprintf(): /usr/libexec/sssd/sssd_be killed by 11
		+ * `#3354 <https://pagure.io/SSSD/sssd/issue/3354>`_ - ifp: Users.FindByCertificate fails when certificate contains data before encapsilation boundary
		+ * `#3344 <https://pagure.io/SSSD/sssd/issue/3344>`_ - Include sssd-secrets in SEE ALSO section of sssd.conf man page
		+ * `#3343 <https://pagure.io/SSSD/sssd/issue/3343>`_ - Properly fall back to local Smartcard authentication
		+ * `#3340 <https://pagure.io/SSSD/sssd/issue/3340>`_ - The option enable_files_domain does not work if sssd is not compiled with --enable-files-domain
		+ * `#3339 <https://pagure.io/SSSD/sssd/issue/3339>`_ - sssd failed to start with missing /etc/sssd/sssd.conf if compiled without --enable-files-domain
		+ * `#3332 <https://pagure.io/SSSD/sssd/issue/3332>`_ - Issue processing ssh keys from certificates in ssh respoder
		+ * `#3448 <https://pagure.io/SSSD/sssd/issue/3448>`_ - Idle nss file descriptors should be closed
		+ * `#3428 <https://pagure.io/SSSD/sssd/issue/3428>`_ - getent failed to fetch netgroup information after changing default_domain_suffix to ADdomin in /etc/sssd/sssd.conf
		+ * `#3356 <https://pagure.io/SSSD/sssd/issue/3356>`_ - Config file validator doesn't process entries from application domain
		+ * `#3331 <https://pagure.io/SSSD/sssd/issue/3331>`_ - Wrong pam return code for user from subdomain with
		+ * `#3329 <https://pagure.io/SSSD/sssd/issue/3329>`_ - Wrong principal found with ad provider and long host name
		+ * `#3421 <https://pagure.io/SSSD/sssd/issue/3421>`_ - Wrong search base used when SSSD is directly connected to AD child domain
		+ * `#3406 <https://pagure.io/SSSD/sssd/issue/3406>`_ - sssd goes offline when renewing expired ticket
		+ * `#3394 <https://pagure.io/SSSD/sssd/issue/3394>`_ - LDAP to IPA migration doesn't work in master
		+ * `#3392 <https://pagure.io/SSSD/sssd/issue/3392>`_ - org.freedesktop.sssd.infopipe.GetUserGroups does not resolve groups into names with AD
		+ * `#3382 <https://pagure.io/SSSD/sssd/issue/3382>`_ - SSSD should use memberOf, not originalMemberOf to evaluate group membership for HBAC rules
		+ * `#3381 <https://pagure.io/SSSD/sssd/issue/3381>`_ - Per-subdomain LDAP filter is not applied for subsequent subdomains
		+ * `#3373 <https://pagure.io/SSSD/sssd/issue/3373>`_ - Infopipe method ListByCertificate does not return the users with overrides
		+ * `#3372 <https://pagure.io/SSSD/sssd/issue/3372>`_ - crash in sssd-kcm due to a race-condition between two concurrent requests
		+ * `#3369 <https://pagure.io/SSSD/sssd/issue/3369>`_ - ldap_purge_cache_timeout in RHEL7.3 invalidate most of the entries once the cleanup task kicks in
		+ * `#3362 <https://pagure.io/SSSD/sssd/issue/3362>`_ - fiter_users and filter_groups stop working properly in v 1.15
		+ * `#3351 <https://pagure.io/SSSD/sssd/issue/3351>`_ - User lookup failure due to search-base handling
		+ * `#3347 <https://pagure.io/SSSD/sssd/issue/3347>`_ - gpo_child fails when log is enabled in smb
		+ * `#3318 <https://pagure.io/SSSD/sssd/issue/3318>`_ - SSSD in server mode iterates over all domains for group-by-GID requests, causing unnecessary searches
		+ * `#3310 <https://pagure.io/SSSD/sssd/issue/3310>`_ - Support delivering non-POSIX users and groups through the IFP and PAM interfaces
		+ * `#3050 <https://pagure.io/SSSD/sssd/issue/3050>`_ - [RFE] Use one smartcard and certificate for authentication to distinct logon accounts
		+ * `#3001 <https://pagure.io/SSSD/sssd/issue/3001>`_ - [RFE] Short name input format with SSSD for users from all domains when domain autodiscovery is used or when SSSD acts as an IPA client for server with IPA-AD trusts
		+ * `#2887 <https://pagure.io/SSSD/sssd/issue/2887>`_ - [RFE] KCM ccache daemon in SSSD
		+ * `#3419 <https://pagure.io/SSSD/sssd/issue/3419>`_ - krb5: properly handle 'password expired' information retured by the KDC during PKINIT/Smartcard authentication
		+ * `#3407 <https://pagure.io/SSSD/sssd/issue/3407>`_ - IPA: do not lookup IPA users via extdom plugin
		+ * `#3405 <https://pagure.io/SSSD/sssd/issue/3405>`_ - Handle certmap errors gracefully during user lookups
		+ * `#3395 <https://pagure.io/SSSD/sssd/issue/3395>`_ - Properly support IPA's promptusername config option
		+ * `#3387 <https://pagure.io/SSSD/sssd/issue/3387>`_ - Dbus activate InfoPipe does not answer some initial request
		+ * `#3385 <https://pagure.io/SSSD/sssd/issue/3385>`_ - Smart card login fails if same cert mapped to IdM user and AD user
		+ * `#3355 <https://pagure.io/SSSD/sssd/issue/3355>`_ - application domain requires inherit_from and cannot be used separately
		+ * `#3327 <https://pagure.io/SSSD/sssd/issue/3327>`_ - expect sss_ssh_authorizedkeys and sss_ssh_knownhostsproxy manuals to be packaged into sssd-common package
		+ * `#3297 <https://pagure.io/SSSD/sssd/issue/3297>`_ - selinux_provider fails in a container if libsemanage is not available
		+ * `#3268 <https://pagure.io/SSSD/sssd/issue/3268>`_ - D-Bus GetUserGroups method of sssd is always qualifying all group names
		+ * `#3240 <https://pagure.io/SSSD/sssd/issue/3240>`_ - Smartcard authentication with UPN as logon name might fail
		+ * `#3210 <https://pagure.io/SSSD/sssd/issue/3210>`_ - [RFE] Read prioritized list of trusted domains for unqualified ID resolution from IDM server
		+ * `#3192 <https://pagure.io/SSSD/sssd/issue/3192>`_ - [sssd-secrets] https proxy talks plain http
		+ * `#3182 <https://pagure.io/SSSD/sssd/issue/3182>`_ - sssd does not refresh expired cache entries with enumerate=true
		+ * `#3065 <https://pagure.io/SSSD/sssd/issue/3065>`_ - sssctl: distinguish between autodiscovered and joined domains
		+ * `#2940 <https://pagure.io/SSSD/sssd/issue/2940>`_ - The member link is not removed when the last group's nested member goes away
		+ * `#2714 <https://pagure.io/SSSD/sssd/issue/2714>`_ - Add SSSD domain as property to user on D-Bus
		+ * `#1498 <https://pagure.io/SSSD/sssd/issue/1498>`_ - sss_ssh_knownhostsproxy prevents connection if the network is unreachable via one IP address
		+ * `#3330 <https://pagure.io/SSSD/sssd/issue/3330>`_ - sssctl config-check does not give any error when default configuration file is not present
		+ * `#3292 <https://pagure.io/SSSD/sssd/issue/3292>`_ - RFE: Create troubleshooting tool to check authentication, authorization and extended attribute lookup
		+ * `#3133 <https://pagure.io/SSSD/sssd/issue/3133>`_ - RFE to add option of check user access in SSSD

		`Detailed Changelog`
		`------------------`

SSSD / docs

Source Code

#43 Fix links to tickets users/relnotes/notes_1_15_3.rst Merged 6 years ago by jhrozek. Opened 6 years ago by lslebodn. SSSD/ lslebodn/docs master into master

Metadata

Changes Summary 1

#43 Fix links to tickets users/relnotes/notes_1_15_3.rst

Merged 6 years ago by jhrozek. Opened 6 years ago by lslebodn.

SSSD/ lslebodn/docs master into master