Univention Bugzilla – Bug 32864
Special pseudo groups
Last modified: 2015-04-01 13:48:49 CEST
AD has some special SIDs (pseudo groups). We need a mapping to POSIX GID, so we create these pseudo groups as normal UCS groups and the S4 connector ignores these groups. I think we should mention these groups in the manual because these groups are not synchronized between S4 and OpenLDAP. Currently we use these groups: - Authenticated Users - World Authority - Everyone - Null Authority - Nobody - Enterprise Domain Controllers Depending on Bug #29000 we will create more of these groups.
Pseudo groups in general were already documented in Bug 32927. I've added the list of affected groups in revision 45514
(In reply to Moritz Muehlenhoff from comment #1) > Pseudo groups in general were already documented in Bug 32927. I've added > the list of affected groups in revision 45514 Sorry, meanwhile we've added more of these groups: Bug #29000 "Pseudo-Gruppen sind im UCS-Verzeichnisdienst vorhanden, sind aber leer." They are not really empty but they normally don't need to be modified and they are not synced between OpenLDAP and S4.
(In reply to Stefan Gohmann from comment #2) > (In reply to Moritz Muehlenhoff from comment #1) > > Pseudo groups in general were already documented in Bug 32927. I've added > > the list of affected groups in revision 45514 > > Sorry, meanwhile we've added more of these groups: Bug #29000 > > "Pseudo-Gruppen sind im UCS-Verzeichnisdienst vorhanden, sind aber leer." > They are not really empty but they normally don't need to be modified and > they are not synced between OpenLDAP and S4. This has been rephrased and the new groups added in revision 45900
OK