Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product RHEL RFE): Bug 1001630
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
This RFE is to request the ability for SSSD to allow for custom attributes.
Currently if there is no original DN attribute (which is the case because proxy provider is used), we just attempt to construct the DN based on the username and the search base. That only works if the DNs on the server are in the form of uid=$username,$DN.
We need to perform another search (probably by UID) for cases where we don't know the original DN, retrieve the user, update his originalDN and resume the authentication.
design_review: => 0
review: True => 0
summary: [RFE] Allow for custom attributes in RDN when using id_provider = proxy => [RFE] If originalDN is not available during LDAP auth, the SSSD should look it up
testsupdated: => 0
milestone: NEEDS_TRIAGE => SSSD 1.12 beta
type: defect => enhancement
rhbz: [https://bugzilla.redhat.com/show_bug.cgi?id=1001630 1001630] => [https://bugzilla.redhat.com/show_bug.cgi?id=1001630 1001630] todo
There is a customer who is eager to test this functionality. I already have local patches.
owner: somebody => jhrozek
status: new => assigned
patch: 0 => 1
milestone: SSSD 1.12 beta => SSSD 1.11.3
resolution: => fixed
status: assigned => closed
changelog: => Allows the LDAP provider to look up the DN to bind with even if the identity provider didn't download the DN on its own. Mostly useful as a way to combine LDAP auth provider with non-LDAP ID provider.
rhbz: [https://bugzilla.redhat.com/show_bug.cgi?id=1001630 1001630] todo => [https://bugzilla.redhat.com/show_bug.cgi?id=1001630 1001630]
Metadata Update from @dpal:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.11.3
to comment on this ticket.