Hi there!
I've been playing with the SSSD 'ldap_acces_filter' directive.
access_provider = ldap
ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com
I expected a similar functionality to the old ldap.conf:
pam_groupdn cn=HOSTNAME,ou=hosts,dc=example,dc=com
On Sun, Jan 26, 2014 at 02:36:20PM -0500, Simo Sorce wrote:
On Thu, 2014-01-16 at 11:02 +0200, Noam Meltzer wrote:
Following the design document:
https://fedorahosted.org/sssd/wiki/DesignDocs/rpc.idmapd%20plugin
You can find in the following 5 patches my implementation.
Hi Noam,
it
On (26/01/14 13:02), Pavel Reichl wrote:
Hello,
sss_parse_name currently SIGSEGVs if any of output parameters (domain,
name) is a NULL. I think it may be useful to support passing NULL
arguments as not always both pieces of information are needed.
Please see attached patch.
PR
From
On Fri, Jan 24, 2014 at 02:44:49PM +0100, Arturo Borrero wrote:
Hi there!
I've been playing with the SSSD 'ldap_acces_filter' directive.
access_provider = ldap
ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com
I expected a similar functionality to the old
On Mon, Jan 27, 2014 at 01:02:19PM +0100, Lukas Slebodnik wrote:
On (26/01/14 13:02), Pavel Reichl wrote:
Hello,
sss_parse_name currently SIGSEGVs if any of output parameters (domain,
name) is a NULL. I think it may be useful to support passing NULL
arguments as not always both pieces of
[snip]
Can you also add '_' as prefix for output parameters into declaration.
We are not consistent in this and I cannot find this in coding style,
but it improves readability.
LS
Hello Lukas,
thank you for your comment. New patch implementing your suggestion is
attached.
PR
From
On (27/01/14 13:43), Pavel Reichl wrote:
[snip]
Can you also add '_' as prefix for output parameters into declaration.
We are not consistent in this and I cannot find this in coding style,
but it improves readability.
LS
Hello Lukas,
thank you for your comment. New patch implementing
Hi, there is a bit of a debate going on over on the samba list, about
using sssd or winbind. It is now being said that sssd should not be used
on a file server because sssd cannot do what winbind can do.
So here are the questions:
Just what are the differences between using sssd and winbind.
On Mon, Jan 27, 2014 at 03:49:15PM +, Rowland Penny wrote:
Hi, there is a bit of a debate going on over on the samba list,
about using sssd or winbind. It is now being said that sssd should
not be used on a file server because sssd cannot do what winbind can
do.
So here are the
On Mon, Jan 27, 2014 at 04:25:26PM +, Rowland Penny wrote:
On 27/01/14 16:10, Sumit Bose wrote:
On Mon, Jan 27, 2014 at 03:49:15PM +, Rowland Penny wrote:
Hi, there is a bit of a debate going on over on the samba list,
about using sssd or winbind. It is now being said that sssd should
On 27/01/14 16:46, Sumit Bose wrote:
On Mon, Jan 27, 2014 at 04:25:26PM +, Rowland Penny wrote:
On 27/01/14 16:10, Sumit Bose wrote:
On Mon, Jan 27, 2014 at 03:49:15PM +, Rowland Penny wrote:
Hi, there is a bit of a debate going on over on the samba list,
about using sssd or winbind.
On 27/01/14 17:21, Chris Hartman wrote:
For what it's worth, I use winbind + sssd as a windows fileserver and
have no problems with the setup. It's true that winbind is necessary
to share files but certainly SSSD can co-exist with winbind.
-Chris
Do you have to set winbind up? and if so
I don't have any documentation on my winbind setup, meaning that I've only
adjusted configs for SSSD (1.9.2) and Samba (configs for these included
below).
Before SSSD implemented ID mapping in a manner consistent with winbind, I
had to use Identity Management for Unix on the domain controller to
For what it's worth, I use winbind + sssd as a windows fileserver and have
no problems with the setup. It's true that winbind is necessary to share
files but certainly SSSD can co-exist with winbind.
-Chris
On Mon, Jan 27, 2014 at 11:53 AM, Rowland Penny repenny241...@gmail.comwrote:
On
On (27/01/14 09:46), Lukas Slebodnik wrote:
ehlo,
two patches are attached.
The 1st one is almost he same like patch:
commit 16b27fcceebcbbaeefaf5b9bdf2dec3065adba4a
LDAP: Don't fail if subdomain cannot be found by sid
I didn't notice that similar change was done in two separeted patches.
Hi,
When the schema is set to AD and ID mapping is used, there is a one-time
check ran when searching for users to detect the presence of POSIX attributes
in LDAP. If this check fails, the search fails as if no entry was found
and returns a special error code.
If the AD identity lookup finds
On 01/27/2014 01:59 PM, Lukas Slebodnik wrote:
On (27/01/14 09:46), Lukas Slebodnik wrote:
ehlo,
two patches are attached.
The 1st one is almost he same like patch:
commit 16b27fcceebcbbaeefaf5b9bdf2dec3065adba4a
LDAP: Don't fail if subdomain cannot be found by sid
I didn't notice that
On (27/01/14 17:49), Dmitri Pal wrote:
On 01/27/2014 01:59 PM, Lukas Slebodnik wrote:
On (27/01/14 09:46), Lukas Slebodnik wrote:
ehlo,
two patches are attached.
The 1st one is almost he same like patch:
commit 16b27fcceebcbbaeefaf5b9bdf2dec3065adba4a
LDAP: Don't fail if subdomain cannot
Hi,
I have tried to make all the required changes as mentioned in the above
mail. The patch for the same is attached along with this mail. While
writing test test_sss_ncache_prepopulate I came across a bug, as
mentioned below. Let me know if I am going wrong anywhere:
*In negcache.c*
line 676
On Sun, Jan 26, 2014 at 9:36 PM, Simo Sorce s...@redhat.com wrote:
On Thu, 2014-01-16 at 11:02 +0200, Noam Meltzer wrote:
Following the design document:
https://fedorahosted.org/sssd/wiki/DesignDocs/rpc.idmapd%20plugin
You can find in the following 5 patches my implementation.
Hi Noam,
20 matches
Mail list logo
