[Freeipa-users] sssd shows deleted users as well
Rakesh Rajasekharan
rakesh.rajasekharan at gmail.com
Fri Jul 22 14:00:00 UTC 2016
under the "configure global security part" of jenkins, we can specify how
jenkins will fetch users for authentication. One option is
"Unix user/group database" . wherein, it will do a getent passwd and fetch
users from there.
Other is to specify ldap.
There are few other ways as well but haven't explored it yet.
Thanks
Rakesh
On Fri, Jul 22, 2016 at 6:54 PM, Jakub Hrozek <jhrozek at redhat.com> wrote:
> On Fri, Jul 22, 2016 at 06:17:32PM +0530, Rakesh Rajasekharan wrote:
> > My specific requirement for having "enumerate=TRUE" was , we have a build
> > server with the jenkins set up.
> > And for authentication jenkins tries to get the localusers on the system.
>
> I'm not sure what you mean by localusers, but does Jenkins really use
> some sort of interface that lists all users through the system
> interface? IIRC Jenkins is written in Java, so I would expect some
> native Java connector instead..
>
> >
> > I should be able to get through that by configuring Jenkins to use LDAP
> > instead of the local users.
> >
> > But are there any other reasons for recommending against
> "enumerate=TRUE",
> > i recall reading somewhere as well not to use this specific setting.
>
> - performance
> - in general (because it's not the default and few people use
> enumeration), less tested than the defaul
> - idviews don't work
> - trusted AD users can't be enumerated at all
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160722/95e43861/attachment.htm>
More information about the Freeipa-users
mailing list