From 92af6f25864b5c389b57d0f659686801b45ca58c Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Fri, 10 May 2013 09:55:31 +0200 Subject: Enhance PAC responder for AD users This patch modifies the PAC responder so that it can be used with the AD provider as well. The main difference is that the POSIX UIDs and GIDs are now lookup up with the help of the SID instead of being calculated algorithmically. This was necessary because the AD provider allows either algorithmic mapping or reading the value from attributes stored in AD. Fixes https://fedorahosted.org/sssd/ticket/1558 --- src/man/sssd.conf.5.xml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'src/man') diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 3bb1ca760..c2e475b5a 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -848,16 +848,16 @@ override_homedir = /home/%u following operations are done: If the remote user does not exist in the - cache, it is created. The uid is calculated based on the - SID, trusted domains will have UPGs and the gid will have - the same value as the uid. The home directory is set based - on the subdomain_homedir parameter. The shell will be empty - by default, i.e. the system defaults are used, but can be - overwritten with the default_shell parameter. - - If there are SIDs of groups from the domain - the sssd client belongs to, the user will be added to those - groups. + cache, it is created. The uid is determined with the help + of the SID, trusted domains will have UPGs and the gid + will have the same value as the uid. The home directory is + set based on the subdomain_homedir parameter. The shell will + be empty by default, i.e. the system defaults are used, but + can be overwritten with the default_shell parameter. + + If there are SIDs of groups from domains + sssd knows about, the user will be added to those groups. + -- cgit