On Mon, Nov 20, 2017 at 09:29:06AM -0700, Zane Zakraisek wrote: > Hi, I'm looking at migrating my Red Hat 7.4 machines off nslcd and onto > sssd. > > I've got a very simple sssd.conf here running SSSD 1.15.2. > > [sssd] > domains = my.domain > config_file_version = 2 > services = nss, pam > > [domain/my.domain] > ad_domain = my.domain > krb5_realm = MY.DOMAIN > realmd_tags = manages-system joined-with-samba > cache_credentials = False > id_provider = ad > krb5_store_password_if_offline = false > ldap_id_mapping = false > access_provider = ad > #enumerate = true > > A lot of my groups have a samAccountName that differs from their cn. > I've noticed that I can't seem to get consistent group names. > When running 'ls -l', it seems like some files show the samAccountName > of the group, others show the cn of the group. > > Running 'groups' or 'id $USER' always shows the samAccountName. > > Is there a way that I can get SSSD to do everything by the cn of the > group?
ldap_group_name = cn but it's strange that you sometimes see different names, is the samaccountname attribute maybe multi-valued by any chance? _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org