So!
New question, hopefully someone out there will know the answer:
I have a posix group located in LDAP ala:
cn=groupname,ou=LAB,dc=domain,dc=ca
Which contains a memberUid attribute with several uid values.
I am attempting to get sssd to associate these uids in the group with
the uid upon login. So far I am unsuccessful (id only returns the gid
in the user account)
Users are located in
ou=people,dc=domain,dc=ca
and they have a number of different objectClasses, one of which is
posixAccount
Any ideas? I am going to ask this on the SSSD-devel list too but I
figured everyone here is so knowledgeable and nice, there might be a
kind person who has this knowledge already and might help me :)
-Chris
On 11-05-31 4:31 PM, Chris Tooley wrote:
> To answer my own question:
>
> There are examples in sssd.conf that work, I had mistakenly assumed the
> attributes to which I wanted to map were already present in the LDAP
> user entry (labHomeDirectory, labShadowExpire), which they weren't -
> thus I was assuming I was using the examples incorrectly - making sure
> that I have values and the actual attributes sssd works correctly :)
>
> Sorry for the chaff!
>
> -Chris
>
> On 11-05-31 11:28 AM, Chris Tooley wrote:
>> Hello all,
>>
>> I am using SL6 on a new machine I've setup, and it's using SSSD, apparently.
>>
>> Originally, when I was just using a plane-jane ldap.conf file and ldap
>> with pam, I could specify:
>>
>> nss_map_attribute homeDirectory labHomeDirectory
>> nss_map_attribute shadowExpire labShadowExpire
>>
>> Suffice it to say, I need to implement these values, and I am completely
>> unfamiliar with SSSD. Can someone give me a pointer to some
>> documentation on this daemon, particularly as it relates to LDAP, or,
>> should I just disable SSSD and continue to use my old methods...?
>>
>> Is there something I'm missing in SSSD config somewhere which would
>> allow me to map attributes like the above?
>>
>> Thanks,
>> ~Chris
|