#7600 Enable compat tree to provide information about AD users and groups on trust agents
Opened 10 months ago by frenaud. Modified 10 months ago

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1585020

RHEL IdM has an option to enable serving information about AD users and groups
in the compatibility tree (RFC2307) when converting IdM master to AD trust
controller. At the same time, AD trust controller can designate other IdM
masters to be able to resolve information about AD users and groups by
promoting them to AD trust agents.

However, there is no way to configure the compatibility tree on AD trust agents
to serve information about AD users and groups. As result, if legacy clients
are configured to use the compatibility tree on AD trust agents as opposed to
AD trust controllers, information about AD users' group membership will be
missing.

We should provide means to enable this functionality in the compatibility tree
on AD trust agents independently from converting AD trust agent to AD trust
controller.

Metadata Update from @frenaud:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1585020

10 months ago

Login to comment on this ticket.

Metadata