Learn more about these different git repos.
Other Git URLs
The sudo provider can currently only be 'none' or 'ldap'. If the sudo LDAP backend is used together with the AD id provider we might face similar issues as was seen when using the LDAP access provider together the AD provider.
E.g. since the default value for ldap_id_mapping is different in the LDAP and AD provider SSSD will fail to start if 'id_provider = ad' and 'sudo_provider = ldap' but ldap_id_mapping is not set explicitly.
Additionally I assume that the sdap id context is initialized twice. This might be true when using the IPA provider as well.
Maybe be want to add 'sudo_provider = ad' so that it plays well with SSSD?
I agree that adding sudo_provider=ad is the best way, but we also should document the pitfalls of using sudo_provider=ldap in a man page (man sssd-sudo?) because that's what some users are already using.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1068725
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1068725 1068725]
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.11.5 priority: major => critical
owner: somebody => sbose status: new => assigned
patch: 0 => 1
resolution: => fixed status: assigned => closed
Metadata Update from @sbose: - Issue assigned to sbose - Issue set to the milestone: SSSD 1.11.5
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3298
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Log in to comment on this ticket.