Cool. I found that in the docs : ldap_user_uid_number and ldap_user_gid_number
I set those to an attribute in my LDAP that has a numerical value, however, still in the query sent to my ldap server, it has (&(uidNumber=*)(!(uidNumber=0)) in the query. Even if I set min_id = 0 This causes my LDAP server to return no results, no matter what I do. I am ok with mapping to another attribute, but unless I can override the search filter and get rid of that “and” I probably won’t be able to make it work. Ideas? On Nov 13, 2014, at 3:43 AM, Jakub Hrozek <jhro...@redhat.com> wrote: > On Wed, Nov 12, 2014 at 08:15:49PM +0000, Nathan Robbins wrote: >> I would like to try and accomplish a similar result with sssd, mainly in >> order to get it functioning with samba. Is is possible for me to set it up >> such that i build the local user account just like above, and then use sssd >> *only* for authentication? >> >> N > > The released versions of SSSD can only serve POSIX users, that is, users > who have an UID and a GID. You can either point SSSD to an attribute > that contains the ID or map the ID from a Windows SID. > > The ID attribute doesn't have to be named uidNumber/gidNumber and with > recent enough version you can even use the same LDAP attribute for both. > But there has to be either a numerical ID attribute or a Windows SID to > derive the ID from. > _______________________________________________ > sssd-devel mailing list > sssd-devel@lists.fedorahosted.org > https://lists.fedorahosted.org/mailman/listinfo/sssd-devel _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
