Even though the subdomain user and/or group options are read from subdomain config section, the configuration validator reports them as error. See the user report in https://bugzilla.redhat.com/show_bug.cgi?id=1598457#c18
Metadata Update from @jhrozek:
- Issue tagged with: bug
The validator behaves this way on purpose.
I would like to note two things.
1. The trusted domain section in config file was made to be as similar as possible to the normal domain and internally we try to deal with many options in the same way as the main domains (so they just work)
2. But the validator screams when people use options in the trusted domain section that were not tested to work (meaning, we do not support them).
So currently the way to add more options to the trusted domain section is followong:
1. Test if it already works (manu options work, even though they are not supported)
2. Add upstream or downstream tests for that option in trusted domain section (probably downstream test, because the infrastructure there supports ADs)
3. modify the validator to accept the option in the trusted domain section
4. add the option to the list of supported options in the trusted domain section in the man page
to comment on this ticket.
Copyright © 2014-2018 Red Hat
4.0.4 — Documentation