Thanks guys, I think there might be a way to modify the LDAP query. I'm speaking to the EMC / Dell support personnel today to see what can be done.
Regards, Hanoz *Hanoz Elavia |* IT Manager *O:* 604-734-2866 *|* *www.atomiccartoons.com <http://www.atomiccartoons.com>* 112 West 6th Ave, Vancouver, BC, Canada, V5Y1K6 On Wed, Feb 22, 2017 at 6:50 AM, Alexander Bokovoy <[email protected]> wrote: > On ke, 22 helmi 2017, Jason B. Nance wrote: > >> There is none. Compat tree is built with RFC2307 queries in mind. >>> RFC2307 clients issue a request with a specific user or group name and >>> that triggers lookup of AD user/group through SSSD and insertion into >>> the compat tree. A part of the trigger is how LDAP filter is built (see >>> RFC for those). If your software does not use the same filter, you >>> wouldn't get a response. >>> >> >> Are you saying that there is an LDAP query you can use to retrieve the >> UID/GID of a user/group that is known via an AD trust as long as the >> filter is correct? I ran into this same situation (with a storage >> appliance) and thought that the problem was that the UIDs/GIDs were >> calculated but never stored, but I hadn't stopped to think about how >> whether sssd (on the local machine) retrieves them from FreeIPA or does >> the calculation. >> > Read https://pagure.io/slapi-nis/blob/master/f/doc/ipa/sch-ipa.txt > > > > -- > / Alexander Bokovoy >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
