Back to bug 1311257
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sumit Bose | 2016-02-23 19:12:44 UTC | CC | sbose | |
| Alexander Bokovoy | 2016-02-23 19:17:25 UTC | Status | NEW | MODIFIED |
| errata-xmlrpc | 2016-02-23 19:47:45 UTC | Status | MODIFIED | ON_QA |
| Alexander Bokovoy | 2016-03-14 10:28:42 UTC | Doc Text | Cause: Schema Compatibility plugin supports exposing users and groups from trusted AD forests with the help of SSSD running on the IPA master server. However, Schema Compatibility plugin does not expose these AD users as part of IPA groups even if the group membership is defined in IPA. Consequence: As result of Schema Compatibility plugin not exposing AD users as part of IPA groups, it is impossible for legacy clients to subject AD users to SUDO rules and group-restricting access rules. Fix: A support to resolve external members of IPA groups was added to the Schema Compatibility plugin. Additionally, a number of issues with resolution of external members in IPA groups was fixed in SSSD when running on IPA master server. Result: Schema Compatibility plugin now exports information about external members of IPA groups. | |
| Doc Type | Enhancement | Bug Fix | ||
| Petr Bokoc | 2016-03-18 12:51:35 UTC | CC | pbokoc | |
| Doc Text | Cause: Schema Compatibility plugin supports exposing users and groups from trusted AD forests with the help of SSSD running on the IPA master server. However, Schema Compatibility plugin does not expose these AD users as part of IPA groups even if the group membership is defined in IPA. Consequence: As result of Schema Compatibility plugin not exposing AD users as part of IPA groups, it is impossible for legacy clients to subject AD users to SUDO rules and group-restricting access rules. Fix: A support to resolve external members of IPA groups was added to the Schema Compatibility plugin. Additionally, a number of issues with resolution of external members in IPA groups was fixed in SSSD when running on IPA master server. Result: Schema Compatibility plugin now exports information about external members of IPA groups. | The Schema Compatibility plug-in supports exposing users and groups from trusted Active Directory forests with the help of SSSD running on the IPA master server. Previously, the plug-in did not expose these users as part of IPA groups even if the group membership is defined in IPA, which prevented legacy clients from subjecting Active Directory users to sudo rules and group-restricting access rules. This update enables support for resolving external members of IPA groups and exporting their information to the Schema Compatibility plug-in, improving compatibility with legacy clients. | ||
| Kaleem | 2016-03-18 16:32:34 UTC | Status | ON_QA | VERIFIED |
| Petr Bokoc | 2016-03-22 13:45:02 UTC | Doc Text | The Schema Compatibility plug-in supports exposing users and groups from trusted Active Directory forests with the help of SSSD running on the IPA master server. Previously, the plug-in did not expose these users as part of IPA groups even if the group membership is defined in IPA, which prevented legacy clients from subjecting Active Directory users to sudo rules and group-restricting access rules. This update enables support for resolving external members of IPA groups and exporting their information to the Schema Compatibility plug-in, improving compatibility with legacy clients. | The Schema Compatibility plug-in supports exposing users and groups from trusted Active Directory forests with the help of SSSD running on the IdM master server. Previously, the plug-in did not expose these users as part of IdM groups even if the group membership is defined in IdM, which prevented legacy clients from subjecting Active Directory users to sudo rules and group-restricting access rules. This update enables support for resolving external members of IdM groups and exporting their information to the Schema Compatibility plug-in, improving compatibility with legacy clients. |
| errata-xmlrpc | 2016-05-12 00:54:48 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2016-05-12 09:57:49 UTC | Status | RELEASE_PENDING | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-05-12 05:57:49 UTC |
Back to bug 1311257