wrote
on 05/09/2013 02:44:00 PM:
> From: Jakub Hrozek
> To: ,
> Date: 05/09/2013 02:44 PM
> Subject: Re: [SSSD-users] RHEL5, sssd and the
Global Catalog (Jakub Hrozek)
> Sent by:
>
> On Thu, May 09, 2013 at 09:39:07AM -0400, will_dar...@navyfederal.org
wrote:
> > If this comes across as HT
On Thu, May 09, 2013 at 09:39:07AM -0400, will_dar...@navyfederal.org wrote:
>If this comes across as HTML sorry.. gotta find a better mail client for
>mailing lists... :/
>I grabbed these logs right after attempting a su - espadmin, so that
>should narrow down whats there. I shoul
On Thu, May 09, 2013 at 04:20:43PM +0100, michael gabriel wrote:
> Hi there,
>
> We have two different ldap "accounts". One is used to get user account
> information and the other is used get sudo information.
>
> Is there way to have two ldap_default_bind_dn's and ldap_default_authtok's
> for ea
Hi there,
We have two different ldap "accounts". One is used to get user account
information and the other is used get sudo information.
Is there way to have two ldap_default_bind_dn's and ldap_default_authtok's
for each of these account configured in sssd.conf.
Thanks
Mickeyg
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/09/2013 09:58 AM, Wojtak, Greg (Superfly) wrote:
> Thanks for the help. Would a similar solution be to set the
> ldap_access_filter to (&(cn=unix team,Š)(cn=server1access,...))
> with the server1access group containing the member's dn's? The
>
Thanks for the help. Would a similar solution be to set the
ldap_access_filter to (&(cn=unix team,Š)(cn=server1access,...)) with the
server1access group containing the member's dn's? The reason I ask this
is so that we can avoid having to assign gidnumbers to these groups?
--
Greg Wojtak
Senior
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/09/2013 09:08 AM, Wojtak, Greg (Superfly) wrote:
> I'm trying to set up sssd with access_provider = ldap. I'm having
> a little trouble getting the ldap_access_filter working the way I
> want to.
>
> The way I want to do it is to create a Resou
Because just about everyone in our organization will have the POSIX
attributes, but we don't want everyone to be able to log into every
server. For example, we have bankers that will ONLY log into our
origination system, the engineers and admins log in everywhere, the devs
log into dev and sometim
What about configuring sssd to make use of the POSIX attributes in AD and
define those attributes only for people you want to allow in?
Sound the easiest form to me.
Ondrej
-Original Message-
From: sssd-users-boun...@lists.fedorahosted.org
[mailto:sssd-users-boun...@lists.fedorahosted.o
I'm trying to set up sssd with access_provider = ldap. I'm having a little
trouble getting the ldap_access_filter working the way I want to.
The way I want to do it is to create a Resource Group in AD that contains the
Unix Team group and then whichever users need access to the system. So we'd
On Wed, May 08, 2013 at 01:29:24PM -0400, Dmitri Pal wrote:
> On 05/08/2013 12:57 PM, Brandon Foster wrote:
> > On Wed, May 8, 2013 at 9:52 AM, Sumit Bose wrote:
> >> On Wed, May 08, 2013 at 09:43:48AM -0700, Brandon Foster wrote:
> >>> On Wed, May 8, 2013 at 9:26 AM, Wojtak, Greg (Superfly)
> >>>
On Tue, May 07, 2013 at 02:35:00PM -0400, will_dar...@navyfederal.org wrote:
>Have configured a couple of hundred hosts to use sssd w/ LDAP to connect
>to the Global Catalog of a Windows 2008 Domain for identify and
>authentication. All of my RHEL6 servers appear to be fine, however
>
12 matches
Mail list logo
