We are not checking for AD users with POSIX attributes in case of creating the trusts using the trust secret (and not AD admin's credentials).
However, checks are done using authenticated search, so we do need the admin's credentials for that. We can do the probing in the fetch-trustdomains command after the trust is established.
We need to make users properly aware of this fact.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1139769
Not needed for 4.1 release, though they would fit 4.1.x nicely.
FreeIPA 4.1.1 was released.
4.1.2 was released.
4.1.3 was released.
Talked to Tomas and Alexander, this RFE does not belong in 4.1.x stabilization branch any more. Moving to 4.2 Backlog as there are other priority bugs and also because this RFE should not be done before One Way trusts and related refactoring to dcerpc.
Processing leftovers from 4.2 backlog - this ticket was found as suitable for consideration in next big feature release - 4.4.
Metadata Update from @tbabej: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.5 backlog
Login to comment on this ticket.