4cf3c2d Resolve external members from trusted domain via Global Catalog

3 files Authored by abbra 11 years ago, Committed by simo 11 years ago,
    Resolve external members from trusted domain via Global Catalog
    
    A sequence is following:
    1. Match external member against existing trusted domain
    2. Find trusted domain's domain controller and preferred GC hosts
    3. Fetch trusted domain account auth info
    4. Set up ccache in /var/run/ipa_memcached/krb5cc_TD<domain> with principal ourdomain$@trusted.domain
    5. Do LDAP SASL interactive bind using the ccache
    6. Search for the member's SID
    7. Decode SID
    8. Replace external member name by SID
    
        
file modified
+19 -13
file modified
+8 -9
file modified
+231 -4