#2009 Disallow or warn if full_name_format is set to a non-default value when IPA server mode is on
Closed: Fixed None Opened 6 years ago by jhrozek.

If the IPA server mode is on and the SSSD is running on the IPA server, then the server's extdom plugin calls getpwnam_r to read info about trusted users from the AD server and return them to the clients that called the extended operation.

The SSSD returns the subdomain users fully-qualified, ie "user@domain" by default. The format of the fully qualified name is configurable.

However, the extdom plugin returns the user name without the domain component.

We have a couple of options:
- when ipa_server_mode is on, return the usernames non-qualified.
- when ipa_server_mode is on, warn if the full_name_format is set to a non-default value. That would prompt the admin to change the format if he changed it to something exotic.

I think the second option sounds better.

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.11 beta 2

Fields changed

owner: somebody => jhrozek
status: new => assigned

Fields changed

patch: 0 => 1

resolution: => fixed
status: assigned => closed

Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.11 beta 2

2 years ago

Login to comment on this ticket.