Bug 811663 - Per domain formats for qualified user names
Summary: Per domain formats for qualified user names
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: sssd
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Stephen Gallagher
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-04-11 16:34 UTC by Stef Walter
Modified: 2020-05-02 16:51 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2012-09-06 10:58:37 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)
Rough patch implementing per domain qualified user names (29.54 KB, patch)
2012-04-11 16:43 UTC, Stef Walter
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Github SSSD sssd issues 2341 0 None closed Per domain formats for qualified user names 2020-11-04 20:45:11 UTC

Description Stef Walter 2012-04-11 16:34:02 UTC
In order to support the AD Domain\User style and the more usual kerberos user@realm style, sssd needs per domain re_expression and full_name_format options.

This is especially important for Samba integration. Samba only allows Domain\User format, with the exception that the slash can be replaced with another character.

Will attach a patch.

Comment 1 Dmitri Pal 2012-04-11 16:40:14 UTC
Upstream ticket:
https://fedorahosted.org/sssd/ticket/1299

Comment 2 Stef Walter 2012-04-11 16:43:31 UTC
Created attachment 576821 [details]
Rough patch implementing per domain qualified user names

In order to prevent conflicts between the regular expressions
for different domains, we parse with a domains regular
expression and then check that the resulting domain matches
that domain's name.

It's not clear that we should support null-domains in these
regular expressions and sss_parse_name_for_domains(). There's 
a TODO in the patch to sort this out. It may be that we choose 
to have callers of sss_parse_name_for_domains() which can accept
unqualified user domains use the full input string when
parsing into a qualified name fails.

In other words, sss_parse_name_for_domains() would not support
returning a NULL *domain.

This patch touches several code paths, I haven't tested all of
them. Debugging sssd seems like a bit of a black art because
of the multiple processes :)

Commit message:

Make re_expression and full_name_format per domain options

 * Allows different user/domain qualified names for different
   domains. For example Domain\User or user@domain.
 * The global re_expression and full_name_format options remain
   as defaults for the domains.

Comment 3 Jakub Hrozek 2012-09-06 10:58:37 UTC
This is an RFE that is part of the 1.9 upstream which is present in F18 and rawhide.


Note You need to log in before you can comment on or make changes to this bug.