Ding Ding Ding! We have a winner! Addint the "ldap_group_object_class" to my 1.5.14 sssd.conf did indeed fix my nested groups problem: # id alpha uid=10001(alpha) gid=1000(users) groups=1000(users),1001(fruits),1002(nuts)
It does not work on 1.5.1 (which we suspected/knew already), but I'm comfortable pushing the newer RPMs to my management machine. 1000 thanks to everyone that took a look at this, especially Jakub. Now that my fruits and nuts are straightened out, I can move on to sysadmins and users and managers, etc. John Gorkos -----Original Message----- From: sssd-devel-boun...@lists.fedorahosted.org on behalf of Jakub Hrozek Sent: Sun 23-Oct-11 17:40 To: sssd-devel@lists.fedorahosted.org Subject: Re: [SSSD] Fruits and Nuts (or, need help with nested LDAP groups) I think this is actually a configuration issue -- have you tried if setting 'ldap_group_object_class = groupOfNames' helps your case? It did the trick during my testing. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
