#3772 The validator reports user and group attributes in the subdomain section as invalid
Opened 8 months ago by jhrozek. Modified 8 months ago

Even though the subdomain user and/or group options are read from subdomain config section, the configuration validator reports them as error. See the user report in https://bugzilla.redhat.com/show_bug.cgi?id=1598457#c18

Metadata Update from @jhrozek:
- Issue tagged with: bug

8 months ago

The validator behaves this way on purpose.

I would like to note two things.
1. The trusted domain section in config file was made to be as similar as possible to the normal domain and internally we try to deal with many options in the same way as the main domains (so they just work)
2. But the validator screams when people use options in the trusted domain section that were not tested to work (meaning, we do not support them).

So currently the way to add more options to the trusted domain section is followong:
1. Test if it already works (manu options work, even though they are not supported)
2. Add upstream or downstream tests for that option in trusted domain section (probably downstream test, because the infrastructure there supports ADs)
3. modify the validator to accept the option in the trusted domain section
4. add the option to the list of supported options in the trusted domain section in the man page

OK, let's move the ticket into the future releases until we have some test

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD Future releases (no date set yet)

8 months ago

Login to comment on this ticket.