[Freeipa-devel] [PATCH] 18 Add external domain extop DS plugin

[Dmitri Pal]

On 03/23/2012 08:52 AM, Sumit Bose wrote:
> Hi,
>
> these two patches introduce a new extended operation to the IPA server
> which can be used by clients in the IPA domain to obtain information
> about users and groups from trusted domains. Currently this exop is used
> by the sssd sub-domain patch to map user names from a trusted AD domain
> to a SID and back. There is also some code for other kind of requests
> which might become useful in future, e.g. with trusted IPA domain.

Are the mappings cached on the SSSD side?

> I added some unit test and added check for the check unit test framework
> for C (http://check.sourceforge.net/) which is used by sssd as well. I
> modified the spec file that the test is run during the build of the
> packages. I hope this is ok.
>
> The patches depend on the idmap library patch which was ACKed recently
> on sssd-devel and as mentioned before the sub-domain patches on
> sssd-devel can only be fully tested with an IPA server which has these
> patches applied.
>
> Since Alexander is currently rewriting parts of the ipa-adtrust-install
> utility I stand back from adding activation code for the exop to
> ipa-adtrust-install and will send a patch when Alexander's changes are
> available. So currently extdom-extop-conf.ldif has to be loaded manually
> after replacing $SUFFIX to activate the new exop.
>
> bye,
> Sumit
>
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120323/4233b44e/attachment.htm>