So! New question, hopefully someone out there will know the answer: I have a posix group located in LDAP ala: cn=groupname,ou=LAB,dc=domain,dc=ca Which contains a memberUid attribute with several uid values. I am attempting to get sssd to associate these uids in the group with the uid upon login. So far I am unsuccessful (id only returns the gid in the user account) Users are located in ou=people,dc=domain,dc=ca and they have a number of different objectClasses, one of which is posixAccount Any ideas? I am going to ask this on the SSSD-devel list too but I figured everyone here is so knowledgeable and nice, there might be a kind person who has this knowledge already and might help me :) -Chris On 11-05-31 4:31 PM, Chris Tooley wrote: > To answer my own question: > > There are examples in sssd.conf that work, I had mistakenly assumed the > attributes to which I wanted to map were already present in the LDAP > user entry (labHomeDirectory, labShadowExpire), which they weren't - > thus I was assuming I was using the examples incorrectly - making sure > that I have values and the actual attributes sssd works correctly :) > > Sorry for the chaff! > > -Chris > > On 11-05-31 11:28 AM, Chris Tooley wrote: >> Hello all, >> >> I am using SL6 on a new machine I've setup, and it's using SSSD, apparently. >> >> Originally, when I was just using a plane-jane ldap.conf file and ldap >> with pam, I could specify: >> >> nss_map_attribute homeDirectory labHomeDirectory >> nss_map_attribute shadowExpire labShadowExpire >> >> Suffice it to say, I need to implement these values, and I am completely >> unfamiliar with SSSD. Can someone give me a pointer to some >> documentation on this daemon, particularly as it relates to LDAP, or, >> should I just disable SSSD and continue to use my old methods...? >> >> Is there something I'm missing in SSSD config somewhere which would >> allow me to map attributes like the above? >> >> Thanks, >> ~Chris