Learn more about these different git repos.
Other Git URLs
IPA needs to be able to notify sssd that we have new domain-realm mappings and sssd needs to modify krb5.conf to store them in the [domain_realm] section.
This is needed both when IPA establish a new trust with an AD domain or when admins decide to start adding new IPA clients in a different DNS domain that is not a child domain of the IPA main DNS domain (which we allow).
Without the mapping IPA clients may not be able to successfully obtain tickets for machines belonging to these other DNS domains.
Ideally IPA will publish a list of domain-realm mappings in the LDAP tree, and sssd will periodically look them up and change krb5.conf accordingly if needed.
FreeIPA side ticket: https://fedorahosted.org/freeipa/ticket/2848
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.9.0 beta 4 priority: major => critical rhbz: => 0
FreeIPA companion ticket: https://fedorahosted.org/freeipa/ticket/2848
component: SSSD => Kerberos Provider milestone: SSSD 1.9.0 beta 4 => SSSD 1.9.0 beta 5
milestone: SSSD 1.9.0 beta 5 => SSSD 1.9.0 beta 6
owner: somebody => simo
milestone: SSSD 1.9.0 beta 6 => SSSD 1.9.0 beta 7
status: new => assigned
component: Kerberos Provider => IPA Provider patch: 0 => 1 version: 1.9.0 beta 1 => 1.9.0 beta 4
milestone: SSSD 1.9.0 beta 7 => SSSD 1.9.0 beta 6
Master:
resolution: => fixed status: assigned => closed
Metadata Update from @simo: - Issue assigned to simo - Issue set to the milestone: SSSD 1.9.0 beta 6
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2422
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Log in to comment on this ticket.