This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 811663 - Per domain formats for qualified user names
Per domain formats for qualified user names
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: sssd (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Stephen Gallagher
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-04-11 12:34 EDT by Stef Walter
Modified: 2012-09-06 06:58 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-09-06 06:58:37 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Rough patch implementing per domain qualified user names (29.54 KB, patch)
2012-04-11 12:43 EDT, Stef Walter
no flags Details | Diff

  None (edit)
Description Stef Walter 2012-04-11 12:34:02 EDT
In order to support the AD Domain\User style and the more usual kerberos user@realm style, sssd needs per domain re_expression and full_name_format options.

This is especially important for Samba integration. Samba only allows Domain\User format, with the exception that the slash can be replaced with another character.

Will attach a patch.
Comment 1 Dmitri Pal 2012-04-11 12:40:14 EDT
Upstream ticket:
https://fedorahosted.org/sssd/ticket/1299
Comment 2 Stef Walter 2012-04-11 12:43:31 EDT
Created attachment 576821 [details]
Rough patch implementing per domain qualified user names

In order to prevent conflicts between the regular expressions
for different domains, we parse with a domains regular
expression and then check that the resulting domain matches
that domain's name.

It's not clear that we should support null-domains in these
regular expressions and sss_parse_name_for_domains(). There's 
a TODO in the patch to sort this out. It may be that we choose 
to have callers of sss_parse_name_for_domains() which can accept
unqualified user domains use the full input string when
parsing into a qualified name fails.

In other words, sss_parse_name_for_domains() would not support
returning a NULL *domain.

This patch touches several code paths, I haven't tested all of
them. Debugging sssd seems like a bit of a black art because
of the multiple processes :)

Commit message:

Make re_expression and full_name_format per domain options

 * Allows different user/domain qualified names for different
   domains. For example Domain\User or user@domain.
 * The global re_expression and full_name_format options remain
   as defaults for the domains.
Comment 3 Jakub Hrozek 2012-09-06 06:58:37 EDT
This is an RFE that is part of the 1.9 upstream which is present in F18 and rawhide.

Note You need to log in before you can comment on or make changes to this bug.