On Wed, Sep 18, 2019 at 04:43:18PM +0200, Hinrikus Wolf wrote:
> Hi,
>
>
> this is our sssd.conf
>
> > [sssd]
> > domains = fsmpi.rwth-aachen.de
> > config_file_version = 2
> > services = nss, pam
> >
> > [pam]
> > offline_credentials_expiration = 1
> > offline_failed_login_attempts = 3
> >
On Thu, Sep 12, 2019 at 12:50 PM Hinrikus Wolf
wrote:
> I have implemented the ldap_saerch_base. But the disabled users
> are still listed in
>
> > getent passwd
>
> That means they are present for PAM.
Not necessarily.
If you did not wipe the sssd cache after you changed the
configuration,
Hi,
this is our sssd.conf
> [sssd]
> domains = fsmpi.rwth-aachen.de
> config_file_version = 2
> services = nss, pam
>
> [pam]
> offline_credentials_expiration = 1
> offline_failed_login_attempts = 3
> offline_failed_login_delay = 0
>
> [domain/fsmpi.rwth-aachen.de]
> ad_domain =
On Mon, Sep 16, 2019 at 10:37:11AM +0200, Hinrikus Wolf wrote:
> Hi,
>
>
> > Sumit Bose hat am 16. September 2019 08:23 geschrieben:
> > Hi,
> >
> > I guess you mean that the users are still available for nss, i.e they
> > can be looked up with 'getent passwd username'?
> Yes, that's what I
Hi,
> Sumit Bose hat am 16. September 2019 08:23 geschrieben:
> Hi,
>
> I guess you mean that the users are still available for nss, i.e they
> can be looked up with 'getent passwd username'?
Yes, that's what I mean.
>
> I think you didn't answer if you already tried to run the search filter
On Sat, Sep 14, 2019 at 11:57:09AM +0200, Hinrikus Wolf wrote:
> Hi,
>
> On 12.09.19 21:30, Lukas Slebodnik wrote:
>
> >
> > man sssd-ad says:
> > NOTES
> >The AD access control provider checks if the account is expired. It
> > has
> >the same effect as the following
Hi,
On 12.09.19 21:30, Lukas Slebodnik wrote:
>
> man sssd-ad says:
> NOTES
>The AD access control provider checks if the account is expired. It has
>the same effect as the following configuration of the LDAP provider:
>
>access_provider = ldap
>
On (12/09/19 18:49), Hinrikus Wolf wrote:
>Hi,
>
>thanks for your answer.
>
>I have implemented the ldap_saerch_base. But the disabled users are still
>listed in
>> getent passwd
>That means they are present for PAM.
>
>Any other ideas?
>
man sssd-ad says:
NOTES
The AD access control
Hi,
thanks for your answer.
I have implemented the ldap_saerch_base. But the disabled users are still
listed in
> getent passwd
That means they are present for PAM.
Any other ideas?
Best regards
Rikus
> James Ralston hat am 12. September 2019 00:08 geschrieben:
>
>
> On Wed, Sep 11,
On Wed, Sep 11, 2019 at 3:05 PM Hinrikus Wolf
wrote:
> ldap_search_base =
> dc=fsmpi,dc=rwth-aachen,dc=de?subtree?(&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
Putting an (objectClass=user) filter in
On Wed, Sep 11, 2019 at 09:04:40PM +0200, Hinrikus Wolf wrote:
> Hi,
>
> that's actually what we tried:
>
>
> > [sssd]
> > domains = fsmpi.rwth-aachen.de
> > config_file_version = 2
> > services = nss, pam
> >
> > [pam]
> > offline_credentials_expiration = 1
> >
Hi,
that's actually what we tried:
> [sssd]
> domains = fsmpi.rwth-aachen.de
> config_file_version = 2
> services = nss, pam
>
> [pam]
> offline_credentials_expiration = 1
> offline_failed_login_attempts = 3
> offline_failed_login_delay = 0
>
> [domain/fsmpi.rwth-aachen.de]
> ad_domain =
On Sun, Jul 21, 2019 at 06:08:18PM +0200, Hinrikus Wolf wrote:
> Hi,
>
> we are currently running a Samba AD DC Server with sssd on clients. Now
> we want to run sssd also on our mail server with postfix + dovecot.
> Postfix and dovecot get their users from NSS i.e. from sssd.
> In our Domain
13 matches
Mail list logo