Hi, Please find the below sssd.conf. We are seeing below in LDAP logs:
SRCH base="dc=mydomain,dc=com" scope=2 deref=0 filter="(&(uid=gdm)(objectClass=posixAccount)(&(uidNumber=*)(!(uidNumber=0))))" conn=3410 op=2 SRCH attr=objectClass uid userPassword uidNumber gidNumber gecos homeDirectory loginShell krbPrincipalName cn modifyTimestamp modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration pwdAttribute authorizedService accountExpires userAccountControl nsAccountLock host loginDisabled loginExpirationTime loginAllowedTimeMap sshPublicKey mail We just need filter (objectClass=*) instead of the highlighted one. Also, we have created extra attributes which we are not able to see in SRCH attr. Please help. [sssd] config_file_version = 2 domains = default services = nss, pam, autofs [domain/default] debug_level = 9 id_provider = ldap krb5_realm = # ldap_schema = rfc2307bis ldap_uri = ldap://x.y.z:389 ldap_search_base = dc=mydomain,dc=com?base?|(objectClass=*) cache_credentials = True autofs_provider = ldap auth_provider = ldap chpass_provider = ldap ldap_default_bind_dn = cn=Manager,dc=mydomain,dc=com ldap_default_authtok =xyz access_provider = ldap enumerate = True [domain/LDAP] id_provider = ldap ldap_uri = ldap://x.y.z:389 ldap_search_base = dc=mydomain,dc=com cache_credentials = true min_id = 5000 max_id = 25000 enumerate = false [nss] [pam] [autofs] Regards, Maninder Need an easy-to-use, OS agnostic, platform independent Test Automation Framework to increase ROI from your applications? Check UTAF (Unified Test Automation Framework) <https://hsc.com/Services/Testing-Services/Test-Automation/Unified-Test-Automation-Framework-Services?utm_source=snippet&utm_medium=email&utm_content=Amrita&utm_campaign=UTAF> by HSC DISCLAIMER: This electronic message and all of its contents, contains information which is privileged, confidential or otherwise protected from disclosure. The information contained in this electronic mail transmission is intended for use only by the individual or entity to which it is addressed. If you are not the intended recipient or may have received this electronic mail transmission in error, please notify the sender immediately and delete / destroy all copies of this electronic mail transmission without disclosing, copying, distributing, forwarding, printing or retaining any part of it. Hughes Systique accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus.
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org