Bug 1233200
Summary: | man sssd.conf should clarify details about subdomain_inherit option. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Nirupama Karandikar <nkarandi> |
Component: | sssd | Assignee: | SSSD Maintainers <sssd-maint> |
Status: | CLOSED ERRATA | QA Contact: | Steeve Goveas <sgoveas> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 7.3 | CC: | grajaiya, jgalipea, jhrozek, lslebodn, mkosek, mzidek, nsoman, pbrezina, sgoveas |
Target Milestone: | rc | ||
Target Release: | 7.3 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | sssd-1.14.0-0.1.alpha.el7 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-11-04 07:11:31 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Nirupama Karandikar
2015-06-18 12:23:19 UTC
(In reply to Nirupama Karandikar from comment #0) > The "subdomain_inherit" option works only with IPA server with AD trust > setup. This option do not work with any other provider. This wouldn't be correct. The option does what it says, it applies config options from main domain to a subdomain. The other issue is that not all subdomains respect all options equally and you're right we should come up with a better description. We'll come up with a better wording.. Upstream ticket: https://fedorahosted.org/sssd/ticket/2683 It's better to fix minor issues in RHEL-7 first. master: 8ff199fca4e7b474d3b92759db96ff87ac5fb8cb This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions Version sssd-1.14.0-27.el7.x86_64 Better description. Thanks! marking verified. subdomain_inherit (string) Specifies a list of configuration parameters that should be inherited by a subdomain. Please note that only selected parameters can be inherited. Currently the following options can be inherited: ignore_group_members ldap_purge_cache_timeout ldap_use_tokengroups ldap_user_principal ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab is not set explicitly) Example: subdomain_inherit = ldap_purge_cache_timeout Default: none Note: This option only works with the IPA and AD provider. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2016-2476.html |