From b0c4751808040afdc15ca801619c43fe192c6a35 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 6 Oct 2009 12:12:21 -0400 Subject: Remove magicPrivateGroups option In sssd only local is a native mpg domain, and it is forced. All other providers will have to unroll mpg users into a user/group pair of entries in the db. This allows the provider to automatically establish if the remote server provides mpg users w/o possibily conflicting manual configurations on the client trying to force an mpg behavior where none is provided. --- server/man/sssd.conf.5.xml | 41 ----------------------------------------- 1 file changed, 41 deletions(-) (limited to 'server/man') diff --git a/server/man/sssd.conf.5.xml b/server/man/sssd.conf.5.xml index 7946ed45..3eab2355 100644 --- a/server/man/sssd.conf.5.xml +++ b/server/man/sssd.conf.5.xml @@ -363,47 +363,6 @@ - - magic_private_groups (bool) - - - By using the Magic Private Groups option, you - are imposing two limitations to the ID space - and name space: - - - 1. Users and groups in the domain share a common - name space. There can never be an explicit group - with the same name as a user - - - 2. Users and groups share a common ID - space, there can never be an explicit group with - a same ID as a user - - - Using Magic Private groups bring the benefit of - better Windows Interoperability (in Windows, - the ID and name spaces are unique) and also - avoids creating a group for every user, - thus cluttering the group space. Also, for - NSS calls, every user is actually returned - as user's private group without having to - explicitly create the group, thus having the - same effect as User Private Groups - - - Default: FALSE* - - - *Magic Private Groups are always enabled when - provider=local and this setting does not - affect that in any way. For other providers, - Magic Private Groups default to FALSE - - - - enumerate (bool) -- cgit