Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IPA IPA Trust WIP #69

Open
wants to merge 13 commits into
base: master
Choose a base branch
from
Open

IPA IPA Trust WIP #69

wants to merge 13 commits into from

Commits on Sep 19, 2024

  1. SYSDB: Store IPA trust type

    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    ff4fb77 View commit details
    Browse the repository at this point in the history

  2. Rename struct ipa_ad_server_ctx, and add id_ctx union member

    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    11d25af View commit details
    Browse the repository at this point in the history

  3. ipa: Make ipa_service_init() like ad_failover_init() 

    Similar to AD server/service discovery initialization,
Allows callers to provide a service, and not just use "IPA"
    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    facb20d View commit details
    Browse the repository at this point in the history

  4. ad: Combine 1+2way trust options creation functions

    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    4baa4ad View commit details
    Browse the repository at this point in the history

  5. ipa: Make ipa server subdomain functions generic 

    ipa_srv_* functions will handle IPA and AD subdomains, not only
AD.
    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    5f674fe View commit details
    Browse the repository at this point in the history

  6. ipa: Add ipa subdomain provider initialization

    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    f214b4d View commit details
    Browse the repository at this point in the history

  7. ipa: Support ipa subdomain account info requests

    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    6ff46ec View commit details
    Browse the repository at this point in the history

  8. ipa s2n: Remove check for SYSDB_UPN 

    After b3d7a4f we no longer use
the 'upn' variable. During certain codepaths to ipa_s2n_save_objects()
SYSDB_UPN is expected to be missing, so no need to check for it.
    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    4dd48e5 View commit details
    Browse the repository at this point in the history

  9. ipa: Rename ipa_create_ad_1way_trust_ctx() 

    This gets executed when a one-way or two-way trust ipa
is added. Rename this to avoid confusion.
    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    4dfa8e3 View commit details
    Browse the repository at this point in the history

  10. Handle missing SID for user private group 

    SSSD goes offline in IPA trusted user look due to the IPA user private group:

    [ipa_get_ad_acct_ad_part_done] (0x0020): [RID#7] Cannot find a SID.

In IPA-IPA trust, user private groups do not contain a SID. Lookup the
equivalent user object of the same name in IPA and use this SID instead.
    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    6de1cf5 View commit details
    Browse the repository at this point in the history

  11. Trust type Crash fix

    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    5822b6d View commit details
    Browse the repository at this point in the history

  12. ipa s2n: Ignore trusted IPA user private group 

    Don't fail when processing the IPA user private group retrieved
from the IPA server in a trusted user lookup. It is expected
this object will have no SID.
    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    311d708 View commit details
    Browse the repository at this point in the history

  13. AD: Remove unused AD_AT_TRUST_TYPE attribute

    @justin-stephenson
    justin-stephenson committed Sep 19, 2024
    Configuration menu
    Copy the full SHA
    8eb6d9d View commit details
    Browse the repository at this point in the history