Following up on an issue from a while ago…
On Thu, May 14, 2015 at 9:32 PM, Stephen Gallagher wrote:
> [T]he SSSD developers are spending a moderate amount of time dealing
> with bugs in it [enumeration], first of all. Secondly, the
> limitations aren't really clearly
On Wed, Jan 27, 2016 at 09:17:09AM -0500, Stephen Gallagher wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 01/27/2016 05:27 AM, Jakub Hrozek wrote:
> > On Wed, Jan 27, 2016 at 09:43:21AM +, John Hodrien wrote:
> >> On Wed, 27 Jan 2016, Jakub Hrozek wrote:
> >>
> >>> I'm glad
> Op 27 jan. 2016, om 17:46 heeft Jakub Hrozek het
> volgende geschreven:
>
> On Wed, Jan 27, 2016 at 05:42:02PM +0100, Bolke de Bruin wrote:
>> Hello,
>>
>> I have sssd 1.13.00 working against FreeIPA 4.2 domain. This domain has a
>> trust relationship with a active
Hello,
I have sssd 1.13.00 working against FreeIPA 4.2 domain. This domain has a trust
relationship with a active directory domain.
One of the systems we are using requires to enumerate all users in groups by
(unfortunate) design (Apache Ranger). This is done by using
“getent group”. During
On (27/01/16 16:21), Jakub Hrozek wrote:
>Hi,
>
>the sssd's code that fetches sudo rules from the IPA server got an
>overhaul recently. The search would no longer be performed against the
>compat tree, but against IPA's native LDAP tree. This would have the
>advantage that environments that don't
On Wed, Jan 27, 2016 at 10:24 AM, Jakub Hrozek wrote:
> btw the other thing we've been talking about is only do write the
> entry when it actually changes. Most of the time, when we refresh
> the entry from the server, nothing changes. The idea would be to
> write only the
> On 27 Jan 2016, at 17:50, Bolke de Bruin wrote:
>
>>
>> Op 27 jan. 2016, om 17:46 heeft Jakub Hrozek het
>> volgende geschreven:
>>
>> On Wed, Jan 27, 2016 at 05:42:02PM +0100, Bolke de Bruin wrote:
>>> Hello,
>>>
>>> I have sssd 1.13.00 working
Hi Sumit,
I am making progress - both # getent -s sss passwd and getent group now work.
I can also su - ldapuser and I get a shell in the correct $HOME on the ldap
server.
But I still cannot login to the SSSD Client as an ldap user!
My /var/log/secure log last line is this:
SSSD-VM-Test
On Wed, Jan 27, 2016 at 09:43:21AM +, John Hodrien wrote:
> On Wed, 27 Jan 2016, Jakub Hrozek wrote:
>
> >I'm glad it helped. FWIW, we're considering adding a nosync option to
> >the cache as well at some point, which should have the same performance
> >effect as using tmpfs except the cache
On Tue, Jan 26, 2016 at 03:08:19PM +, Murdoch, Steven wrote:
> Hi Sumit, … this is the last few lines from the sssd_nss.log (after running #
> getent group – which does not work). Getent passwd now works ok.
>
> Tue Jan 26 14:51:15 2016) [sssd[nss]] [accept_fd_handler] (0x0400): Client
>
On Wed, 27 Jan 2016, Stephen Gallagher wrote:
Now, I can certainly see an argument for having such a nosync (or deferred
sync) option for machines that are expected to always be connected to the
identity network (and as such are using SSSD mostly for performance and
surviving the occasional
11 matches
Mail list logo