#3643 [RFE] Allow option auto_private_groups to be disabled for the sub-domain users as well

Created 3 months ago by jhrozek
Modified 3 months ago

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1546740

Description of problem:
Currently auto_private_groups option is permanently enabled for the user from
the subdomain. auto_private_group option can be disabled for user from the
domain integrated directly. Same behavior should be extended for the users from
the other subdomain as well.

Version-Release number of selected component (if applicable):
~]# rpm -q sssd
sssd-1.16.0-16.el7.x86_64


How reproducible:
Alwasy

Steps to Reproduce:
1. Join the rhel-system to the AD-server having at least one child domain.
2. set the 'auto_private_groups' option to the 'false' in the sssd.conf
3. run the 'id' against the users from the child domain.

Actual results:
~]# id user1_dom2-2316389@sssdad_tree.com
uid=494817046(user1_dom2-2316389@sssdad_tree.com)
gid=494817046(user1_dom2-2316389@sssdad_tree.com) groups=494817046(user1_dom2-2
316389@sssdad_tree.com),494817047(group1_dom2-2316389@sssdad_tree.com),49480051
3(domain users@sssdad_tree.com)


Expected results:
~]# id user1_dom2-2316389@sssdad_tree.com
uid=494817046(user1_dom2-2316389@sssdad_tree.com)
gid=494817047(group1_dom2-2316389@sssdad_tree.com)
groups=494817047(group1_dom2-2316389@sssdad_tree.com),494817047(group1_dom2-231
6389@sssdad_tree.com),494800513(domain users@sssdad_tree.com)


Additional info:
3 months ago

Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1546740

3 months ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD Patches welcome

Login to comment on this ticket.

https://bugzilla.redhat.com/show_bug.cgi?id=1546740

cancel