-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/10/2010 01:36 PM, Martinsson Patrik wrote: >>'memberOf' is the reverse of 'member', not of 'memberuid'. AD doesn't >> create the 'memberOf' backlink for entries specified by 'memberuid' >> (because 'memberuid' members are also not required to be in the > central >> server; they can be local accounts or accounts provided by a different >> directory like NIS) > Ok, understood. > >> I'm not sure what the relevance is to that statement. If you're using >> 'ldap_schema = rfc2307', then it should be adding all members that >> appear as 'memberuid' in the group. >> >> I guess I don't understand what your question is here. It looks like >> things are behaving as expected. > Well, the group aapp has 6 memberUid, but only three of them is added by > sssd, how is that correct ? Or what am I missing ? > > Here are the users according to ldapsearch, > dn: CN=aapp,OU=Groups,DC=xx,DC=xx,DC=xx > memberUid: a001721 > memberUid: a000569 > memberUid: a000680 > memberUid: a001406 > memberUid: a000898 > memberUid: a000590 > > Here are the users beeing added by sssd, > a001721 > a001406 > a000898 > > And that is with ldap_schema = rfc2307 in the config. > > /Patrik Martinsson
Do the members a000569, a000680 and a000590 exist in the directory server if you look them up directly? - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0CdXEACgkQeiVVYja6o6NArQCfUUkqD2J8ObDZeW5YdSVIxkpO VBsAoJuSZT3rNP04PsZoVfT3+kn7u4gh =0/FV -----END PGP SIGNATURE----- _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel