#532 Change the default of ldap_force_upper_case_realm
Closed: Fixed None Opened 13 years ago by sbose.

Currently the default is false. This means we do not change the case the realm part of the user principal we get from the LDAP server.

In general the realm is case-sensitive, but in a typical Linux/UNIX environment only upper case realms are used. Active Directory treats the realm case-insensitive and often stored the user principal with a lower case realm part although the realm itself is upper case. This behavior can confuse clients which handles the realm case sensitive. In this case ldap_force_upper_case_realm needs to be set to true.

Given the fact that setting ldap_force_upper_case_realm by default to true will not break the typical Linux/UNIX setup and would reduce the configuration effort for AD it would make sense to change the default.

As an alternative ldap_force_upper_case_realm should be put into the AD example configuration.


We'll change the example configuration.

milestone: NEEDS_TRIAGE => SSSD 1.2.1
owner: somebody => sgallagh

Fields changed

status: new => assigned

Fixed by 1580ec5

fixedin: => 1.2.1
resolution: => fixed
status: assigned => closed

Fields changed

rhbz: => 0

Metadata Update from @sbose:
- Issue assigned to sgallagh
- Issue set to the milestone: SSSD 1.2.1

7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/1574

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata