[Freeipa-devel] [Test][Patch-0049, 0050] Certs in ID overrides test
Alexander Bokovoy
abokovoy at redhat.com
Wed Sep 14 15:53:20 UTC 2016
On Wed, 14 Sep 2016, Martin Basti wrote:
>
>
>On 14.09.2016 17:41, Alexander Bokovoy wrote:
>>On Wed, 14 Sep 2016, Martin Basti wrote:
>>>1)
>>>I still don't see the reason why AD trust is needed. Default trust
>>>ID view is added just by ipa-adtrust-install, adding trust is not
>>>needed for current implementation. You don't need AD for this,
>>>IDviews is generic feature not just for AD. Is that user
>>>configured on AD side?
>>You cannot add non-AD user to 'default trust view', so you will not be
>>able to set up certificates to ID override which does not exist.
>>
>>For non-'default trust view' you can add both IPA and AD users, so using
>>some other view and then assign certificate for a ID override in that
>>one.
>>
>
>Ok then, but anyway I would like to see API/CLI tests for this feature
>with proper output validation.
>
>
>How can be this tested with SSSD?
You need to log into the system with a certificate...
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list