a1be4fc KDB: support external IdP configuration

Authored and Committed by abbra 2 years ago
    KDB: support external IdP configuration
    
    When IdP configuration is provided, take it into account:
    
     - idp-specific Kerberos ticket policy would be applied
    
     - Presence of IdP link in a Kerberos principal entry would cause KDB to
       enable `idp` pre-authentication method on KDC side.
    
    The latter requires additional pre-authentication method supplied with
    SSSD 2.7.0.
    
    Fixes: https://pagure.io/freeipa/issue/8804
    
    Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
    Signed-off-by: Pavel Březina <pbrezina@redhat.com>
    Reviewed-By: Francisco Trivino <ftrivino@redhat.com>
    Reviewed-By: Sumit Bose <sbose@redhat.com>
    
        
file modified
+1 -0
file modified
+2 -0