On Mon, Aug 12, 2019 at 07:21:15PM -, Jane Eason wrote:
> We do not have the uid number in LDAP.
>
> In our LDAP uid is the username, so LDAP has e.g. uid=bob. There is a local
> Linux user named "bob" as well (we are not creating accounts on login).
>
> We thought we could get around havi
I'm just going to leave this here:
Read RFC 2307 and pay attention to section 5.2. Affected library functions.
Good luck!
> On August 12, 2019 at 12:21 PM Jane Eason wrote:
>
>
> We do not have the uid number in LDAP.
>
> In our LDAP uid is the username, so LDAP has e.g. uid=bob. There is a
We do not have the uid number in LDAP.
In our LDAP uid is the username, so LDAP has e.g. uid=bob. There is a local
Linux user named "bob" as well (we are not creating accounts on login).
We thought we could get around having to have the uid number in LDAP, using the
following line in sssd.con
[(&(uid=myuser)(objectclass=inetorgperson)(&(uid=*)(!(uid=0][ou=people,ou=primary,ou=eid,dc=my,dc=edu].
what does an ldapsearch with objectclass=inetorgperson uid=\* return? and do
you also have a uidnumber attribute?
> On August 12, 2019 at 12:55 AM Jakub Hrozek wrote:
>
>
> On Fri, Au
On Fri, Aug 09, 2019 at 08:33:43PM -, Jane Eason wrote:
> Our LDAP does not include the POSIX schema, so we made a couple of entries in
> sssd.conf to attempt to work around that.
>
> Here is our complete (slightly redacted) sssd.conf:
>
> [domain/mydomain]
> id_provider = ldap
> auth_provid
On Fri, Aug 09, 2019 at 08:33:43PM -, Jane Eason wrote:
> Our LDAP does not include the POSIX schema, so we made a couple of entries in
> sssd.conf to attempt to work around that.
>
> Here is our complete (slightly redacted) sssd.conf:
>
> [domain/mydomain]
> id_provider = ldap
> auth_provid
Our LDAP does not include the POSIX schema, so we made a couple of entries in
sssd.conf to attempt to work around that.
Here is our complete (slightly redacted) sssd.conf:
[domain/mydomain]
id_provider = ldap
auth_provider = ldap
access_provider = ldap
ldap_uri = ldaps://mydomain.my.edu
ldap_sea
What does your LDAP domain section look like and why are you not using the
POSIX object class for uids?
> On August 9, 2019 at 12:01 PM Jane Eason wrote:
>
>
> Hello,
>
> We are attempting to get LDAP logins set up with sssd on RHEL 7.6.
>
> sssd is able to look up the user against the backe
