> On Oct 11, 2018, at 12:51 AM, Alexander Bokovoy via FreeIPA-users > <[email protected]> wrote: > > On ke, 10 loka 2018, Perry Smith via FreeIPA-users wrote: >> Two questions for this group: >> >> 1) Is there a way to get it to not look for the SRV record in the first >> place? >> >> 2) On a completely different topic, how do I install the “memberof” plug-in? >> At least, I think that’s what I need / want. I need to do LDAP filter for >> members >> of a group and currently my LDAP records do not have memberof but instead >> have >> memberUid (and that is only in compat and not in accounts) >> >> I hope its ok to mix two questions into one email. > It would be if you'd provide more details to allow helping you. How are > you inferring that there is no 'memberof' plugin enabled? FreeIPA does > not allow to retrieve membership information for non-authenticated > connections from the primary subtree (cn=accounts,$SUFFIX). If you are > checking without authentication, that's your problem.
The DNS issue was hard to solve but I finally managed to get the bind9 and freeipa code from ppa:freeipa/staging so the DNS is working and the ipa command line commands no longer pause 30 seconds. The LDAP question was solved as Alexander suggested — by authenticating first. I’m curious what the reason is for this? From the compat entries, one can deduce the members of the groups. Thank you for your time, Perry Smith
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
