On Wed, 2017-10-25 at 09:32 -0400, Douglas Duckworth wrote:
> Hi
>
> Do I need uidNumber for Service Accounts used for application /
> server binding if this user won't actually be resolved by sssd or
> nslcd?
>
> I set a very high uidNumber but eventually this will conflict with
> users as in
Thanks Michael!
No, we do not have uidNumber-based ACLs only DN based.
I will remove the uidNumber.
Thanks
Doug
Thanks,
Douglas Duckworth, MSc, LFCS
HPC System Administrator
Scientific Computing Unit
Physiology and Biophysics
Weill Cornell Medicine
E: d...@med.cornell.edu
O: 212-746-6305
F: 21
Douglas Duckworth wrote:
> Do I need uidNumber for Service Accounts used for application / server
> binding if this user won't actually be resolved by sssd or nslcd?
In general if your client only binds to the LDAP server it doesn't need
'uidNumber' attribute. It just needs a bind-DN and a passwor
Thanks so much, Jon!
I can see it clearly now!
# Service Accounts, domain
dn: ou=Service Accounts,domain
# g14classified, Service Accounts, domain
dn: uid=g14classified,ou=Service Accounts,domain
pwdPolicySubentry: cn=CustomBindAccountPolicy,ou=Policies,domain
Thanks,
Douglas Duckworth, MSc,
pwdPolicySubentry is an operational attribute. It will not be returned in
search results unless you explicitly request it or use + in your requested
attribute list.
If you change the add to a replace in your ldif file your modify operation
should succeed.
[cid:image001.png@01D34D74.73170570]<
Hi
Do I need uidNumber for Service Accounts used for application / server
binding if this user won't actually be resolved by sssd or nslcd?
I set a very high uidNumber but eventually this will conflict with users as
in my ignorance I didn't put this in a lower range.
Thanks,
Douglas Duckworth,
Hi
I am trying to make sure my bind Service Account's password does not
expire. I set this in ou=Policies with the intention that the policy would
only be applied to this user:
# Policies, domain
dn: ou=Policies,domain
ou: Policies
objectClass: organizationalUnit
# CustomBindAccountPolicy, Poli