KDC driver deals with a number of principals and policies for them that have different meaning in a wider FreeIPA infrastructure. As result, they might be located in different parts of the LDAP tree.
Recent change to make password policies closer to the actual objects the govern is one example. Being able to create principals via kadmin in a proper locations is another.
To make it possible to operate on different subtrees, KDB driver needs to have an infrastructure to search over multiple bases in a predictable way.
Triage notes:
Metadata Update from @abbra: - Issue assigned to someone - Issue set to the milestone: Future Releases
master:
Metadata Update from @mbabinsk: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.