On 25/08/14 14:29, Lukas Slebodnik wrote:
On (25/08/14 14:12), Rowland Penny wrote:
On 25/08/14 13:44, Andre Pitanga wrote:
Hi Rowland,
You cannot have a 'user' object and a 'group' object with the same name,
I know that, that's what I pose in my original post if you read it. The sAMAccountName has to be unique, but this doesn't seem to apply to disply name, for example.
Yes, I did read it, so 'display name' doesn't have to be unique, so what, does anything actually use this attribute in authentication ?
further more, the example you give is a 'local unix' user and should not be put into AD. If you did put them into AD, you would have to remove them from /etc/passwd and if the domain went down for some reason, you would have NO USERS at all.
So what? Does sssd not provide local credentials caching? Isn't AD fault-tolerant/ highly-available across several hosts? Housing Linux "service accounts" in AD is a very common practice.
Yes, sssd does provide caching, but what happens if the cache gets corrupt ?
This should never happen. If you see corrupted cache please report immediatelly. I am not aware of any bug with corupted cache.
I never said it would happen, I just said what if it did. Do not say it will never happen, because anything that can go wrong, will go wrong, it is just the nature of things.
Rowland
LS _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users