HI! Is it possible to have a auth-only domain in sssd.conf?
Something like this: [domain/LDAP-ID] id_provider = ldap ldap_search_base = ou=stuff,dc=mydomain,dc=org ... [domain/LDAP-AUTHC] auth_provider = ldap ldap_search_base = ou=virtual,dc=mydomain,dc=org ... The idea is to let sssd search the map data beneath naming context ou=stuff,dc=mydomain,dc=org but use ou=authc-virtual,dc=mydomain,dc=org only for authentication via LDAP simple bind with a hard-coded pattern like: bind DN: uid=$user,ou=virtual,dc=mydomain,dc=org Note that user name would be the same in both naming contexts. So sssd would not have to search in ou=virtual,dc=mydomain,dc=org to make use of it. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
