freeipa

Clone
Source Code
GIT

bb75f5a adtrust: support UPNs for trusted domain users

8 files Authored by abbra 7 years ago, Committed by mbasti 7 years ago,
raw patch tree parent
8 files changed. 142 lines added. 73 lines removed.
ACI.txt
file modified
+1 -1
daemons/ipa-kdb/ipa_kdb_mspac.c
file modified
+49 -11
daemons/ipa-kdb/ipa_kdb_mspac_private.h
file modified
+1 -0
daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
file modified
+7 -2
install/oddjob/com.redhat.idm.trust-fetch-domains
file modified
+3 -28
install/share/60basev3.ldif
file modified
+2 -1
ipaserver/dcerpc.py
file modified
+29 -11
ipaserver/plugins/trust.py
file modified
+50 -19 
    adtrust: support UPNs for trusted domain users
    
    Add support for additional user name principal suffixes from
    trusted Active Directory forests. UPN suffixes are property
    of the forest and as such are associated with the forest root
    domain.
    
    FreeIPA stores UPN suffixes as ipaNTAdditionalSuffixes multi-valued
    attribute of ipaNTTrustedDomain object class.
    
    In order to look up UPN suffixes, netr_DsRGetForestTrustInformation
    LSA RPC call is used instead of netr_DsrEnumerateDomainTrusts.
    
    For more details on UPN and naming in Active Directory see
    https://technet.microsoft.com/en-us/library/cc739093%28v=ws.10%29.aspx
    
    https://fedorahosted.org/freeipa/ticket/5354
    
    Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
file modified
+1 -1
file modified
+49 -11
file modified
+1 -0
file modified
+7 -2
file modified
+3 -28
file modified
+2 -1
file modified
+29 -11
file modified
+50 -19
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.