Thanks guys,

I think there might be a way to modify the LDAP query. I'm speaking to the
EMC /  Dell support personnel today to see what can be done.



*Hanoz Elavia |*  IT Manager
*O:* 604-734-2866 *|*  *
112 West 6th Ave, Vancouver, BC, Canada, V5Y1K6

On Wed, Feb 22, 2017 at 6:50 AM, Alexander Bokovoy <>

> On ke, 22 helmi 2017, Jason B. Nance wrote:
>> There is none. Compat tree is built with RFC2307 queries in mind.
>>> RFC2307 clients issue a request with a specific user or group name and
>>> that triggers lookup of AD user/group through SSSD and insertion into
>>> the compat tree. A part of the trigger is how LDAP filter is built (see
>>> RFC for those). If your software does not use the same filter, you
>>> wouldn't get a response.
>> Are you saying that there is an LDAP query you can use to retrieve the
>> UID/GID of a user/group that is known via an AD trust as long as the
>> filter is correct?  I ran into this same situation (with a storage
>> appliance) and thought that the problem was that the UIDs/GIDs were
>> calculated but never stored, but I hadn't stopped to think about how
>> whether sssd (on the local machine) retrieves them from FreeIPA or does
>> the calculation.
> Read
> --
> / Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to