[Freeipa-devel] [Test][Patch-0049, 0050] Certs in ID overrides test
Martin Basti
mbasti at redhat.com
Wed Sep 14 15:43:32 UTC 2016
On 14.09.2016 17:41, Alexander Bokovoy wrote:
> On Wed, 14 Sep 2016, Martin Basti wrote:
>> 1)
>> I still don't see the reason why AD trust is needed. Default trust ID
>> view is added just by ipa-adtrust-install, adding trust is not needed
>> for current implementation. You don't need AD for this, IDviews is
>> generic feature not just for AD. Is that user configured on AD side?
> You cannot add non-AD user to 'default trust view', so you will not be
> able to set up certificates to ID override which does not exist.
>
> For non-'default trust view' you can add both IPA and AD users, so using
> some other view and then assign certificate for a ID override in that
> one.
>
Ok then, but anyway I would like to see API/CLI tests for this feature
with proper output validation.
How can be this tested with SSSD?
More information about the Freeipa-devel
mailing list