sumit-bose
2021-03-30 14:03:01 UTC
URL: https://github.com/SSSD/sssd/pull/5529
Title: #5529: AD: read trusted domains from local domain as well
sumit-bose commented:
"""
I guess you are thinking of the domain-disable feature of FreeIPA which is not related to the code here. However, it might be better to keep the removal since otherwise thanks to offline authentication users from a domain removed from the forest would still be able to log in until SSSD's cache is removed. I'll add `Change Requested`.
bye,
Sumit
"""
See the full comment at https://github.com/SSSD/sssd/pull/5529#issuecomment-810281718
Title: #5529: AD: read trusted domains from local domain as well
sumit-bose commented:
"""
Is it safe to remove `sdap_domain_remove` call? IIRC there was a reason for it.
Hi,I guess you are thinking of the domain-disable feature of FreeIPA which is not related to the code here. However, it might be better to keep the removal since otherwise thanks to offline authentication users from a domain removed from the forest would still be able to log in until SSSD's cache is removed. I'll add `Change Requested`.
bye,
Sumit
"""
See the full comment at https://github.com/SSSD/sssd/pull/5529#issuecomment-810281718