I have the time to build and yes current 1.9 builds fine on debian stable. I could build a debian package with fpm but it would be nice to have it in backports.
On Fri, May 2, 2014 at 2:52 PM, steve <[email protected]> wrote: > On Fri, 2014-05-02 at 13:21 +0200, Paul Liljenberg wrote: > > I did try modifying the conf with your suggested settings, but it did > > not work. Hm.. I wonder if theres an error with sasl. > > > > > > /var/log/auth.log: > > May 2 12:58:44 client sssd_be: canonuserfunc error -7 > > May 2 12:58:44 client sssd_be: _sasl_plugin_load failed on > > sasl_canonuser_init for plugin: ldapdb > > > > > > > What do you think? > > Do you have the time or are allowed to build a later version? Guessing > what the devs have posted, it looks as if debian is stuck with an old > version. I know gssapi works with 1.9 and better with the link I posted. > Oh, maybe check the key really is in the keytab? > > Cheers, > Steve > > > > > > > > > > On Fri, May 2, 2014 at 11:22 AM, steve <[email protected]> wrote: > > On Fri, 2014-05-02 at 11:03 +0200, Paul Liljenberg wrote: > > > Unfortuneately im tied to current debian stable in this > > setup and > > > backporting sssd does not seem possible. Thanx Steve. > > > > > > > OK. You'll have to do the AD attribute mapping manually then. > > This worked for us with 1.9: > > > > ldap_user_object_class = user > > ldap_user_name = samAccountName > > ldap_user_uid_number = uidNumber > > ldap_user_gid_number = gidNumber > > ldap_user_home_directory = unixHomeDirectory > > ldap_user_shell = loginShell > > ldap_group_object_class = group > > ldap_group_search_base = dc=your,dc=domain > > ldap_group_name = cn > > ldap_group_member = member > > #ldap_user_search_filter > > =(&(objectCategory=User)(uidNumber=*)) > > > > I think the commented filter was for 1.8. This should get your > > user > > through the process. > > HTH > > Steve > > > > > > > > _______________________________________________ > > sssd-users mailing list > > [email protected] > > https://lists.fedorahosted.org/mailman/listinfo/sssd-users > > > > > > > > > > > > -- > > Vänliga Hälsningar / Best Regards > > Paul Liljenberg > > _______________________________________________ > > sssd-users mailing list > > [email protected] > > https://lists.fedorahosted.org/mailman/listinfo/sssd-users > > > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/sssd-users > -- Vänliga Hälsningar / Best Regards Paul Liljenberg
_______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
