Learn more about these different git repos.
Other Git URLs
Some distributions will not activate the network interface until the user has logged in. This causes a chicken-egg problem as the user will not be available to the system until the machine fetches it at least once from the network.
We need to provide a tool that can be run at kickstart time or manually by an admin when a machine is being installed that allow to fetch all user data needed for a login [initgroups(username) will suffice] and set a pre-cached password so that at first boot the user will be allowed to login.
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.7.0
We also need to consider the cloud use case when an instance is started in the cloud and the cloud does not have direct connectivity to the enterprise IPA/AD. In this case VPN should be started first but to start a VPN (for now manually) one needs to log into the machine first. To log into the VM you need the central identities pre-cashed.
The suggestion is to have a tool that would allow to grind the pre-cached LDB with the specified accounds and related groups and deliver this file via a config server. Such file can be created on the server side and then passed in instead of constructing it on the client side inside the VM from different parts using a client side tool.
You can tell gdm greeter to display a user account (if the user is valid and ldap works and/or pre-seed is done) by adding to /etc/gdm/custom.conf: Include=user1,user2,user3 (comma delimited) Invalid users will not display. Valid users will display realname/gecos field properly in GDM greeter even if he or she has not logged in yet. Results are only visible after a full reboot.
If you don't do this step, the user must click "Other" and then type in his or her username manually and attempt to log in.
When creating this tool, it would be very handy to add an option to tweak the GDM custom config for this purpose.
component: SSSD => sss_tools
This is out of scope of the 1.8 release.
milestone: SSSD 1.8.0 => SSSD 1.9.0 rhbz: =>
"Nice to have" for 1.9.
blockedby: => blocking: =>
feature_milestone: => milestone: SSSD 1.9.0 => SSSD 1.10 beta
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=789473
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=789473 789473]
milestone: SSSD 1.10 beta => SSSD 1.9.0 beta 3
Nick has been working on this and already sent a patch.
owner: somebody => nguay patch: 0 => 1
milestone: SSSD 1.9.0 beta 6 => SSSD 1.9.0 beta 7
Master: 6ea6ec5
milestone: SSSD 1.9.0 beta 7 => SSSD 1.9.0 beta 6 resolution: => fixed status: new => closed
Metadata Update from @simo: - Issue assigned to nguay - Issue set to the milestone: SSSD 1.9.0 beta 6
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1946
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Log in to comment on this ticket.