I have the following sssd backend:

------------------------------------------------------------

domains = IPALDAP

[domain/IPALDAP]
id_provider = ldap
auth_provider = ldap
ldap_schema = IPA
ldap_uri = ldap://ipa1.example.net, ldap://ipa2.example.net
ldap_search_base = dc=example,dc=net
ldap_user_search_base = cn=users,cn=accounts,dc=example,dc=net
ldap_netgroup_search_base = cn=ng,cn=compat,dc=example,dc=net
ldap_tls_cacert = /etc/ipa/ca.crt
ldap_tls_reqcert = demand
cache_credentials = false
enumerate = true
debug_level = 5
------------------------------------------------------------

Why isn't "emilb" a member of the systemagic group???

# getent group|grep systema
systemagic:*:10031:johanl,martinh


# ldapsearch -x -h ipa1.example.net -b cn=accounts,dc=example,dc=net
# cn=systemagic
# extended LDIF
#
# LDAPv3
# base <cn=accounts,dc=example,dc=net> with scope subtree
# filter: cn=systemagic
# requesting: ALL
#

# systemagic, groups, accounts, example.net
dn: cn=systemagic,cn=groups,cn=accounts,dc=example,dc=net
objectClass: ipaobject
objectClass: top
objectClass: groupofuniquenames
objectClass: ipausergroup
objectClass: posixgroup
objectClass: groupofnames
objectClass: nestedgroup
memberUid: susannek
memberUid: martinh
memberUid: johanl
gidNumber: 10031
cn: systemagic
ipaUniqueID: 329e0b6e-9ec5-11e1-8777-525400b94ff0
member: uid=johanl,cn=users,cn=accounts,dc=example,dc=net
member: uid=martinh,cn=users,cn=accounts,dc=example,dc=net
member: uid=emilb,cn=users,cn=accounts,dc=example,dc=net

# search result
search: 2
result: 0 Success



  -jf

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to