diff options
author | Alexander Bokovoy <abokovoy@redhat.com> | 2012-10-31 19:52:12 +0000 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2012-11-01 15:47:13 -0400 |
commit | 4cf3c2d5053bad8e62a80ffa586f8d5c1f7e41cd (patch) | |
tree | c5117b43a538be00826686bdcee76baf03d4fafe /install | |
parent | 9c388e9b6257c8fd27fb590d9a45e850e4d945b8 (diff) | |
download | freeipa.git-4cf3c2d5053bad8e62a80ffa586f8d5c1f7e41cd.tar.gz freeipa.git-4cf3c2d5053bad8e62a80ffa586f8d5c1f7e41cd.tar.xz freeipa.git-4cf3c2d5053bad8e62a80ffa586f8d5c1f7e41cd.zip |
Resolve external members from trusted domain via Global Catalog
A sequence is following:
1. Match external member against existing trusted domain
2. Find trusted domain's domain controller and preferred GC hosts
3. Fetch trusted domain account auth info
4. Set up ccache in /var/run/ipa_memcached/krb5cc_TD<domain> with principal ourdomain$@trusted.domain
5. Do LDAP SASL interactive bind using the ccache
6. Search for the member's SID
7. Decode SID
8. Replace external member name by SID
Diffstat (limited to 'install')
0 files changed, 0 insertions, 0 deletions