#2129 Always store users with FQDN with hardcoded format
Closed: Duplicate None Opened 6 years ago by jhrozek.

Currently we store the name attribute as plain name for master domains and FQDN for subdomains. Also, the way the FQDNs are stored to the cache is configurable, which poses a large number of problems.

Mainly, getting the (user,domain) tuple from the string that is the ghost attribute is complex and fragile. Consider a group entry such as:

{{{
cn: subgroup@subdom
ghost: someuser
ghost: anotheruser@subdom
}}}

Now in order to print all group members as FQDN (which is the default for AD provider), the code needs to iterate over the ghost attributes and parse them into (name,domain) and optionally re-add the domain.

We should store all users as "user@domain" always and never allow any other format.
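The parsing burden described in this ticket, as an added example that is not SSSD code: it applies the rule stated above (plain name means master domain, `name@domain` means subdomain) to the sample ghost values and rewrites them in the single `user@domain` form. The function names and the master domain name `maindom` are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Split a stored member value into name and domain (hypothetical helper).
 * Rule from the ticket: a plain name belongs to the master domain,
 * "name@dom" belongs to that (sub)domain. The split is made at the LAST '@'
 * (an assumption of this example) so a name that itself contains '@'
 * keeps it. Returns 0 on success, -1 on malformed input or short buffers. */
int split_member(const char *stored, const char *master_dom,
                 char *name, size_t name_sz, char *dom, size_t dom_sz)
{
    const char *at = strrchr(stored, '@');
    size_t nlen = at ? (size_t)(at - stored) : strlen(stored);
    const char *d = at ? at + 1 : master_dom;

    if (nlen == 0 || *d == '\0')
        return -1;                      /* "", "@dom" or "user@" */
    if (nlen >= name_sz || strlen(d) >= dom_sz)
        return -1;                      /* would not fit */
    memcpy(name, stored, nlen);
    name[nlen] = '\0';
    strcpy(dom, d);                     /* length checked above */
    return 0;
}

/* Rewrite any stored value in the one fixed format "user@domain". */
int to_fqdn(const char *stored, const char *master_dom,
            char *out, size_t out_sz)
{
    char name[256], dom[256];
    int n;

    if (split_member(stored, master_dom, name, sizeof name,
                     dom, sizeof dom) != 0)
        return -1;
    n = snprintf(out, out_sz, "%s@%s", name, dom);
    return (n < 0 || (size_t)n >= out_sz) ? -1 : 0;
}

int main(void)
{
    /* Ghost values of the sample group entry; "maindom" is constructed. */
    const char *ghosts[] = { "someuser", "anotheruser@subdom" };
    char out[512];

    for (size_t i = 0; i < sizeof ghosts / sizeof ghosts[0]; i++)
        if (to_fqdn(ghosts[i], "maindom", out, sizeof out) == 0)
            printf("%s -> %s\n", ghosts[i], out);
    return 0;
}
```

Once every value is stored in the fixed form, `to_fqdn` leaves it unchanged and readers no longer need to know the master domain to interpret a member.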


Fields changed

milestone: NEEDS_TRIAGE => Temp milestone

Fields changed

rhbz: => 0

Fields changed

description: Currently we store the ghost attribute as plain name for master domains and FQDN for subdomains. Also, the way the ghost users are stored to the cache is configurable, which poses a large number of problems.

Mainly, getting the (user,domain) tuple from the string that is the ghost attribute is complex and fragile. Consider a group entry such as:
{{{
cn: subgroup@subdom
ghost: someuser
ghost: anotheruser@subdom
}}}

Now in order to print all group members as FQDN (which is the default for AD provider), the code needs to iterate over the ghost attributes and parse them into (name,domain) and optionally re-add the domain.

We should store the ghost attributes as "user@domain" always and never allow any other format. => Currently we store the name attribute as plain name for master domains and FQDN for subdomains. Also, the way the FQDNs are stored to the cache is configurable, which poses a large number of problems.

Mainly, getting the (user,domain) tuple from the string that is the ghost attribute is complex and fragile. Consider a group entry such as:
{{{
cn: subgroup@subdom
ghost: someuser
ghost: anotheruser@subdom
}}}

Now in order to print all group members as FQDN (which is the default for AD provider), the code needs to iterate over the ghost attributes and parse them into (name,domain) and optionally re-add the domain.

We should store all users as "user@domain" always and never allow any other format.
summary: Always store ghost users as FQDN with hardcoded format => Always store users with FQDN with hardcoded format

Fields changed

milestone: Temp milestone => SSSD 1.12 beta
type: defect => task

Should be done together with the rest of the sysdb refactor Michal is working on.

milestone: SSSD 1.12 beta => SSSD 1.13 beta

Fields changed

mark: => 0

Duplicate of #2011

resolution: => duplicate
status: new => closed

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.13.1

2 years ago
