Am Fri, Mar 04, 2022 at 10:35:34PM -0000 schrieb Don Drake: > Our implementation of netgroups has objects that identify groups of > servers, the use the nisnetgrouptriple attribute where users are > assigned without domain or server information. i.e. > 'nisnetgrouptriple=(,USERID,)', this is called an administrative > group. Each server has its own netgroup object that uses the > membernisnetgroup attribute to connect the server to an administrative > netgroup. i.e. memberNisNetgroup=admngroup. this has worked for us > for years. we cann find a way in SSSD to implement this. What am i > missing?
Hi, SSSD should support the netgroup LDAP object as defined in RFC2307(bis). For the attribute name mapping you can check man sssd-ldap-attributes section 'NETGROUP ATTRIBUTES'. To debug the issue I would suggest to add 'debug_level = 9' to the [nss] and [domain/...] section of sssd.conf, restart SSSD and try to lookup the affected netgroup again. The debug logs should explain what SSSD is reading from the LDAP server and might give a hint why it does not return the expected result. Feel free to send the logs here for further inspection. bye, Sumit > _______________________________________________ > sssd-users mailing list -- sssd-users@lists.fedorahosted.org > To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
