# SSSD 2.9.5
The SSSD team is announcing the release of version 2.9.5 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.9.5
See the full release notes at:
https://sssd.io/release-notes/sssd-2.9.5.html
RPM packages
# SSSD 2.9.4
The SSSD team is announcing the release of version 2.9.4 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.9.4
See the full release notes at:
https://sssd.io/release-notes/sssd-2.9.4.html
RPM packages
# SSSD 2.9.3
The SSSD team is announcing the release of version 2.9.3 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.9.3
See the full release notes at:
https://sssd.io/release-notes/sssd-2.9.3.html
RPM packages
# SSSD 2.9.2
The SSSD team is announcing the release of version 2.9.2 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.9.2
See the full release notes at:
https://sssd.io/release-notes/sssd-2.9.2.html
RPM packages
# SSSD 2.9.1
The SSSD team is announcing the release of version 2.9.1 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.9.1
See the full release notes at:
https://sssd.io/release-notes/sssd-2.9.1.html
RPM packages
# SSSD 2.9.0
The SSSD team is announcing the release of version 2.9.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.9.0
See the full release notes at:
https://sssd.io/release-notes/sssd-2.9.0.html
RPM packages
# SSSD 2.8.2
The SSSD team is announcing the release of version 2.8.2 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.8.2
See the full release notes at:
https://sssd.io/release-notes/sssd-2.8.2.html
RPM packages
On 12/1/22 16:28, Pavel Březina wrote:
On 11/30/22 20:57, Kevin Vasko wrote:
Yup, “files” was first in nsswitch.conf. But now I can’t reproduce it
because after removing the user1 user from FreeIPA and adding it back,
it’s working as expected. :-/.
Is it possible that the IPA user had
t failing again) but it’s still
working as to how it did prior to 20.04 upgrade.
-Kevin
> On Nov 30, 2022, at 8:34 AM, Pavel Březina mailto:pbrez...@redhat.com>> wrote:
>
> On 11/29/22 15:43, Kevin Vasko wrote:
>> passwd: compat systemd sss
>>
On 11/29/22 15:43, Kevin Vasko wrote:
passwd: compat systemd sss
group: compat systemd sss
I changed it to be
passwd: files compat systemd sss
group: files compat systemd sss
and still had the same problem.
id_provider=ipa
Yes Ubuntu.
sssd 2.2.3-3ubuntu0.9
This same named user that was
# SSSD 2.8.1
The SSSD team is announcing the release of version 2.8.1 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.8.1
See the full release notes at:
https://sssd.io/release-notes/sssd-2.8.1.html
RPM packages
# SSSD 2.8.0
The SSSD team is announcing the release of version 2.8.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.8.0
See the full release notes at:
https://sssd.io/release-notes/sssd-2.8.0.html
RPM packages
# SSSD 2.7.4
The SSSD team is announcing the release of version 2.7.4 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.7.4
See the full release notes at:
https://sssd.io/release-notes/sssd-2.7.4.html
RPM packages
# SSSD 2.7.3
The SSSD team is announcing the release of version 2.7.2 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.7.3
See the full release notes at:
https://sssd.io/release-notes/sssd-2.7.3.html
*This is a
# SSSD 2.7.2
The SSSD team is announcing the release of version 2.7.2 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.7.2
See the full release notes at:
https://sssd.io/release-notes/sssd-2.7.2.html
*This is a
# SSSD 2.7.1
The SSSD team is proud to announce the release of version 2.7.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.7.1
See the full release notes at:
https://sssd.io/release-notes/sssd-2.7.1.html
RPM
# SSSD 2.7.0
The SSSD team is proud to announce the release of version 2.7.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.7.0
See the full release notes at:
https://sssd.io/release-notes/sssd-2.7.0.html
RPM
# SSSD 2.6.3
The SSSD team is proud to announce the release of version 2.6.3 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.6.3
See the full release notes at:
https://sssd.io/release-notes/sssd-2.6.3.html
RPM
# SSSD 2.6.1
The SSSD team is proud to announce the release of version 2.6.1 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.6.1
See the full release notes at:
https://sssd.io/release-notes/sssd-2.6.1.html
RPM
Subject contains wrong version number, it should obviously be 2.6.0.
___
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
# SSSD 2.6.0
The SSSD team is proud to announce the release of version 2.6.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.6.0
See the full release notes at:
https://sssd.io/release-notes/sssd-2.6.0.html
RPM
# SSSD 2.6.0
The SSSD team is proud to announce the release of version 2.6.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.6.0
See the full release notes at:
https://sssd.io/release-notes/sssd-2.6.0.html
RPM
On 9/10/21 9:20 AM, Daniil Kirilyuk wrote:
We're developing a java application, which should authenticate users against
both LDAP and custom formatted files containing user information. Both
username/password and certificate authentication are planned to be supported.
Our application should
# SSSD 2.5.2
The SSSD team is proud to announce the release of version 2.5.2 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.5.2
See the full release notes at:
https://sssd.io/release-notes/sssd-2.5.2.html
RPM
# SSSD 2.5.01
The SSSD team is proud to announce the release of version 2.5.1 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.5.1
See the full release notes at:
https://sssd.io/release-notes/sssd-2.5.1.html
RPM
discussion of that better discovery algorithm
for AD DCs. It came out in a recent sssd release, maybe in the
last 6-9 months. But I can't find that algorithm discussion now.
Spike
On Wed, May 12, 2021 at 7:15 AM Pavel Březina mailto:pbrez...@redhat.com>> wrote:
Dear
Dear SSSD community,
we have recently introduced new SSSD project web page at
https://sssd.io. We would like to keep adding new content, we have
plenty of ideas but we would also like to get some tips from you:
What articles would you like to see on the page? What knowledge gaps are
hard to
On 5/10/21 8:10 PM, Joakim Tjernlund wrote:
On Mon, 2021-05-10 at 16:01 +, Joakim Tjernlund wrote:
On Mon, 2021-05-10 at 17:48 +0200, Pavel Březina wrote:
On 5/10/21 5:12 PM, Joakim Tjernlund wrote:
On Mon, 2021-05-10 at 14:53 +, Joakim Tjernlund wrote:
I decided to test new sssd/KCM
On 5/10/21 5:12 PM, Joakim Tjernlund wrote:
On Mon, 2021-05-10 at 14:53 +, Joakim Tjernlund wrote:
I decided to test new sssd/KCM and this is what I get:
- ssh from non sssd/krb machine to new sssd machine, entered password
~ $ klist
Ticket cache: KCM:1001
Default principal:
# SSSD 2.5.0
The SSSD team is proud to announce the release of version 2.5.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.5.0
See the full release notes at:
https://sssd.io/release-notes/sssd-2.5.0.html
RPM
I am proud to announce that the new project website is online at:
https://sssd.io
We've worked hard the last couple of months to update our current
documentation and bring better user experience.
What's new:
* All content is now up to date with latest SSSD version
* New contribution guide so
# SSSD 2.4.2
The SSSD team is proud to announce the release of version 2.4.2 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.4.2
See the full release notes at:
https://sssd.io/docs/users/relnotes/notes_2_4_2
RPM
On 1/22/21 3:11 PM, Judd Gaddie wrote:
Is there any way to use nsswitch or another mechanism to not bother using sss
when it matches a sudo rule locally?
Something like sudoers: files [SUCCESS=return] sss
I don't think that sudo supports this.
I am looking for a way to bypass sssd's
# SSSD 2.4.1
The SSSD team is proud to announce the release of version 2.4.1 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.4.1
See the full release notes at:
https://sssd.io/docs/users/relnotes/notes_2_4_1
RPM
# SSSD 2.4.0
The SSSD team is proud to announce the release of version 2.4.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/sssd-2_4_0
See the full release notes at:
https://sssd.io/docs/users/relnotes/notes_2_4_0
On 7/29/20 5:27 PM, xcor...@gmail.com wrote:
I've been using sssd + AD to do auth for a few years now. Offline
authentication is enabled and works normally. In that time I've upgraded my
Ubuntu laptop several times, and each time I noticed that after the update, I
cannot log in unless I'm on
On 7/23/20 5:57 AM, Jonathon Anderson wrote:
I'm working a RHEL7.6 case (02704264, if that's useful to anyone)
where the tech is claiming that our domain setup of id_provider=ldap
with auth_provider=proxy doesn't work. This is counter to our past and
current experience, but I'm afraid of this
On 7/27/20 11:07 AM, Lukas Slebodnik wrote:
On (26/07/20 12:08), Spike White wrote:
All,
sssd front-end, AD back-end.Does sssd use initgroups to use initial
group membership?
I was recently debugging a sssd connection problem in the
/var/log/sssd/sssd* logs (debug level 9). and I thought
# SSSD 2.3.1
The SSSD team is proud to announce the release of version 2.3.1 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/sssd-2_3_1
See the full release notes at:
https://sssd.io/docs/users/relnotes/notes_2_3_1
I'm glad to announced that we have finished our migration to Github. The
repository and documentation on Pagure is no longer used.
The code is available at https://github.com/SSSD/sssd and documentation
at https://sssd.io.
___
sssd-users mailing
# SSSD 2.3.0
The SSSD team is proud to announce the release of version 2.3.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/sssd-2_3_0
See the full release notes at:
On 4/29/20 1:24 PM, Lukas Slebodnik wrote:
On (28/04/20 13:27), Pavel Březina wrote:
This is a continuation of SSSD migration from Pagure to Github.
We reconsidered our previous decision to keep existing issues in Pagure and
we chose to clone all issues to github instead. As much as we would
This is a continuation of SSSD migration from Pagure to Github.
We reconsidered our previous decision to keep existing issues in Pagure
and we chose to clone all issues to github instead. As much as we would
like to keep in touch with users on Pagure we are not able to close
remaining tickets
On 4/9/20 2:36 PM, Andreas Hasenack wrote:
hello,
On Thu, Apr 9, 2020 at 9:33 AM Pavel Březina wrote:
Issue tracker was opened on github.
Old issues will be kept in Pagure so we can communicate with original
reporters (Github does not support Fedora Account so we can not simply
migrate them
On 4/3/20 1:40 PM, Lukas Slebodnik wrote:
On (03/04/20 13:12), Pavel Březina wrote:
SSSD repository is currently spread over multiple places. We use Pagure
[1][2] to manage upstream issues and documentation and Github [3] as our main
development platform.
We chose to move only to a single
SSSD repository is currently spread over multiple places. We use Pagure
[1][2] to manage upstream issues and documentation and Github [3] as our
main development platform.
We chose to move only to a single platform to reduce number of tools we
use and to have everything at one place. We
SSSD repository is currently spread over multiple places. We use Pagure
[1][2] to manage upstream issues and documentation and Github [3] as our
main development platform.
We chose to move only to a single platform to reduce number of tools we
use and to have everything at one place. We
ike
From: Pavel Březina
Sent: Tuesday, March 10, 2020 11:33 PM
To: End-user discussions about the System Security Services Daemon;
Michael Lake
Subject: Re: [SSSD-users] Can I map an LDAP value of 123456 to a user
name of u123456 ?
On 3/10/20 5:11 AM, Michael Lake wrote:
> Hi all
>
On 3/10/20 5:11 AM, Michael Lake wrote:
Hi all
I am currently authenticating users with Centos 6 and sssd to an LDAP
server. I'll be moving to a Centos 8 so have setup sssd to authenticate
to the LDAP server on my test Centos 8 box. However, our users in our
LDAP only contains all numeric
On 2/18/20 6:30 PM, Orion Poplawski wrote:
I'm getting lots of messages like the following in our newer EL8 IPA servers:
(Sun Feb 16 03:23:43 2020) [sssd[be[nwra.com]]] [sysdb_set_cache_entry_attr]
(0x0080): ldb_modify failed: [No such object](32)[ldb_wait from ldb_modify
with LDB_WAIT_ALL: No
On 2/26/20 11:59 AM, Pavel Březina wrote:
On 2/25/20 7:56 PM, Orion Poplawski wrote:
Adding trigger line I think.
On 2/25/20 10:59 AM, Orion Poplawski wrote:
On a new EL8 IPA server:
(Sun Feb 23 23:09:29 2020) [sssd[be[nwra.com]]]
[dp_get_account_info_send]
(0x0200): Got request for [0x5
On 2/25/20 7:56 PM, Orion Poplawski wrote:
Adding trigger line I think.
On 2/25/20 10:59 AM, Orion Poplawski wrote:
On a new EL8 IPA server:
(Sun Feb 23 23:09:29 2020) [sssd[be[nwra.com]]] [dp_get_account_info_send]
(0x0200): Got request for [0x5][BE_REQ_SERVICES][name=ssh]
(Tue Feb 25
On 2/22/20 4:52 PM, Spike White wrote:
All,
When I was first crafting my sssd.conf file, I very much attempted to
make all my sssd domains upper-case. Because in my (naive) view, an AD
domain is just a Kerberos realm (+ LDAP + nice admin screens).
As you know, Kerberos is very much
On 2/12/20 9:23 PM, Vinícius Ferrão wrote:
Hello,
4 months ago I’ve opened an RFE on pagure about proper support for SSH
HBA with SSSD fetching hostkeys from LDAP, it’s described here:
https://pagure.io/SSSD/sssd/issue/4106
Since there’s no updates on the RFE I would like to bring the
On 1/17/20 1:24 PM, Jakub Hrozek wrote:
On Fri, Jan 17, 2020 at 11:23:25AM +0100, Pavel Březina wrote:
On 1/17/20 8:40 AM, Jannis Mann wrote:
Hi,
I've implemented sssd with id, auth and access provider as ldap. So I am
using a binding account and didn't joined the domain with the server
On 1/17/20 8:40 AM, Jannis Mann wrote:
Hi,
I've implemented sssd with id, auth and access provider as ldap. So I am
using a binding account and didn't joined the domain with the server.
In general everything works. Only members of mentioned SG within the
sssd.conf can login to the server,
On 11/30/19 5:41 PM, Oguzhan Eris wrote:
Hi everyone.
First off, thanks to everyone who's ever worked on SSSD. It's easily in my top
5 favorite FOSS projects out there.
I am not sure if this is the right way to ask for an enhancement, or whether I
should file an issue on GitHub, but I am
We, developers, always use S-S-S-D. I have never heard anyone saying
Triple-S-D :-)
On 11/15/19 1:49 PM, Jim Burwell wrote:
I use both. Triple-S-D is easier.
On 2019-11-14 19:20, Spike White wrote:
All,
S-S-S-D does not seem to roll off the tongue. When I say that,
co-workers think I'm
On 10/25/19 7:04 PM, Thomas Schweikle wrote:
Hi!
I've set up samba4 as ad-dc -- worked right away.
Exported the keytab. "klist -ke" looks good:
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
--
1
On 10/23/19 11:31 PM, Erinn Looney-Triggs wrote:
Folks I am in the process of working through this but I thought I would
throw it out just in case there were other thoughts or I was chasing
down the wrong lane.
We have a requirement for sudo to use a different password than the user
password
t dropbox URL contains two tarballs.
RHEL7_good_and_bad.tgz
RHEL8_good_and_bad.tgz
In each tarball, there's a "good" folder (with
domain_resolution_order set in sssd.conf file) and a "bad" folder
(without domain_resolution_order set in sssd.conf file).
Spike
On
On 10/17/19 12:17 AM, Jeff Thornsen wrote:
The reason I ask is because I use a bunch of storage appliances that offer
Secure-NFS (NETAPP, EMC UNITY, etc.), but they only support NIS, IDMU, RFC2307,
and RFC2307bis style Identity Mapping, all of which require manual assignment
of UID/GID
On 10/11/19 6:28 PM, Spike White wrote:
Without domain_resolution_order set, it does not search the non-local
domain and find any non-local accounts. (This is on RHEL7 and RHEL8).
So -- domain_resolution_order is required.
Can you send us sssd_nss.log and sssd_$domain.log logs generated
On 8/13/19 6:00 PM, Charles Hedrick wrote:
On our Ubuntu 18.04 servers, sssd won’t start. Logging shows that it can’t find
any DNS servers. Restarting sssd fixes it.
/etc/resolv.conf is a symlink to ../run/systemd/resolve/stub-resolv.conf
If I replace that with a hardcoded resolv.conf with
On 4/28/19 7:04 PM, Spike White wrote:
BTW,
Even if beforehand in authselect I create a custom profile and set
/etc/authselect/authselect.conf to this custom/profile.
When I run 'realm join', it still invokes:
* /usr/bin/sh -c /usr/bin/authselect select sssd with-mkhomedir
--force &&
10:29 AM
To: End-user discussions about the System Security Services Daemon
Cc: Pavel Březina
Subject: [SSSD-users] Re: sssd fails to start when I enable [ifp]
Interesting..Pavel, do you have some idea?
On 9 Oct 2018, at 10:27, Ondrej Valousek wrote:
Ok, obviously this error message does not
On 06/24/2018 05:04 AM, vad...@gmail.com wrote:
I made a change in UID for a user with sss_override but user-export to a
file does not export anything. I am using sssd version 1.15.2. Is this a
bug or may be I am doing something wrong? I followed the steps from this
On 12/19/2017 11:27 PM, Max DiOrio wrote:
Hey Jakub,
I sent a response almost immediately - which is why I followed up when I
hadn't heard back. You guys normally respond quickly.
The log files are available here. I attached them last time - maybe
that was the problem?
On 12/04/2017 09:15 PM, Max DiOrio wrote:
Hi,
We use Active Directory to manage our Linux access including SUDO
permissions.
We need to have a particular account run a passwordless command. I
created a new sudoRule in AD, added the following:
sudoCommand /bin/systemctl restart
On 11/13/2017 05:43 PM, Fabiano Fidêncio wrote:
On Mon, Nov 13, 2017 at 11:16 AM, Pavel Březina <pbrez...@redhat.com> wrote:
Hello,
It took me a lot longer than I expected but here it is at last. This is my
set of scripts that use vagrant and Ansible to automatically provision
v
Hello,
It took me a lot longer than I expected but here it is at last. This is
my set of scripts that use vagrant and Ansible to automatically
provision virtual environment that I use to develop and test SSSD.
To create this environment you only need to run one command:
$ ./setup.sh
and
On 08/11/2016 03:58 PM, Jakub Hrozek wrote:
On Thu, Aug 11, 2016 at 12:21:43PM +, Ondrej Valousek wrote:
There is output of the log file (debug 0x1FF):
...
(Wed Aug 10 02:22:24 2016) [sssd[be[default]]] [resolve_srv_done] (0x0400): SRV
lookup did not return any new server.
(Wed Aug 10
On 04/29/2016 10:30 AM, Ondrej Valousek wrote:
Hi List,
[root@machine ~]# sss_cache -g mpeg2
No cache object matched the specified search
[root@machine ~]# getent -s sss group mpeg2
mpeg2:*:139:
Is this normal behavior? I have deleted mpeg2 group recently…
Only after I do ‘sss_cache –G’ it
On 04/28/2016 11:46 AM, Michael Ströder wrote:
On 2016-04-28 11:18, Pavel Březina wrote:
On 04/27/2016 05:46 PM, Michael Ströder wrote:
I'm currently testing a custom build of sssd 1.13.4 against OpenLDAP
server.
I notice this filter in the log:
(&(objectClass=sudoRole)(modifyTimestam
On 04/27/2016 05:46 PM, Michael Ströder wrote:
HI!
I'm currently testing a custom build of sssd 1.13.4 against OpenLDAP
server.
I notice this filter in the log:
(&(objectClass=sudoRole)(modifyTimestamp>=1))
Obviously it's a USN fallback filter since USN attribute is not
available on
On 04/23/2016 01:33 PM, Michael Ströder wrote:
Kelley Cook wrote:
I've seem to have noticed a problem with using sssd with LDAP SudoHost's that
contain CIDR addresses.
We break our clusters into subnets and each have a few rules explicitly for
those systems
Lets call them
cluster_a
On 02/18/2016 07:37 PM, Mote, Todd wrote:
Hi all, how does sssd process multiple sudo rules from an OU search
base? I have my base pointed at an OU where I have one sudo rule
applied, and that works, but have another farther down. I can see in
the logs that it sees both rules. What I can’t
On 12/02/2015 11:32 AM, Pavel Březina wrote:
This solves situation where you want to use those globals on other place
than in *_common.c.
I also created https://fedorahosted.org/sssd/ticket/2890 so we can avoid
order-dependency on header files such as sysdb_services.h which I had to
fix for AD
Hi,
I just submitted a sudo troubleshooting guide [1]. If you find anything
missing, please, let me know.
[1] https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO
___
sssd-users mailing list
sssd-users@lists.fedorahosted.org
On 08/21/2015 05:07 PM, Dmitri Pal wrote:
On 08/21/2015 09:04 AM, Pierre Neyron wrote:
Hi,
I would like to use SSSD to allow authentication on linux machines for
users managed in 2 LDAP bases.
While SSSD is capable of supporting several domains, it seems to only
allow to handle the case where
On 07/29/2015 10:07 AM, Cumer Cristiano wrote:
Hello,
I have a setup with two different AD domains a.com and b.com in separate
forests. Im working with sssd-1.11.7
Everything is fine apart from sudo. When I issue an sudo, sssd performs
authentications always on domain A even if the user
On 12/02/2014 10:32 PM, Jakub Hrozek wrote:
On Tue, Dec 02, 2014 at 04:20:17PM -0500, Dmitri Pal wrote:
On 12/02/2014 04:14 PM, Jakub Hrozek wrote:
On Tue, Dec 02, 2014 at 04:00:33PM -0500, Dmitri Pal wrote:
HI,
Do we have any place where we describe what level of output one would get
with
On 07/09/2014 10:34 PM, Jakub Hrozek wrote:
On 09 Jul 2014, at 20:00, Rich Megginson rmegg...@redhat.com wrote:
re: https://lists.fedorahosted.org/pipermail/sssd-users/2014-July/001891.html
snip
OK, I take back all that I said over on the samba list, sssd does not
pull the sudo rules from AD
On 05/07/2014 10:11 AM, Szymon Jazy wrote:
Hello,
Is there a proper way in sudo rules to allow any command and exclude
only some groups?
Something like:
%test_group ALL=(ALL) ALL, !SU, !SHELLS
If I try to do this (gui/cli) I get an error:
ipa: ERROR: commands cannot be added when
On 04/10/2014 04:20 PM, Jakub Hrozek wrote:
Hi,
our current HOWTO[1] on connecting SSSD to an AD DC is outdated,
mostly because the page still only introduces the LDAP provider. Recently, me,
Sumit and Jeremy Agee wrote a new page that specifically advises to use
the AD provider and also use
On 09/21/2013 04:38 PM, Rowland Penny wrote:
On 20/09/13 08:36, Pavel Březina wrote:
On 09/19/2013 06:18 PM, Rowland Penny wrote:
Ok, I am back again, trying to get sssd to control sudo, but failing.
I added the sudo active directory schema ldif to samba4 AD
then added this:
dn: OU=SUDOers
On 09/23/2013 11:45 AM, Rowland Penny wrote:
On 23/09/13 09:41, Pavel Březina wrote:
On 09/20/2013 03:40 PM, Rowland Penny wrote:
On 20/09/13 13:49, Pavel Březina wrote:
On 09/20/2013 11:09 AM, Rowland Penny wrote:
On 20/09/13 08:36, Pavel Březina wrote:
On 09/19/2013 06:18 PM, Rowland
On 09/20/2013 11:09 AM, Rowland Penny wrote:
On 20/09/13 08:36, Pavel Březina wrote:
On 09/19/2013 06:18 PM, Rowland Penny wrote:
Ok, I am back again, trying to get sssd to control sudo, but failing.
I added the sudo active directory schema ldif to samba4 AD
then added this:
dn: OU=SUDOers
On 07/19/2013 11:03 PM, Licause, Al (CSC AMS BCS - UNIX/Linux Network
Support) wrote:
Having asked thatI just found the man page sudoers.ldap
I'll read on before asking more stupid questions.
Al
Hi,
the information on configuring sudo to work with sssd can be found in
sssd-sudo manual
On 03/19/2013 08:05 PM, Mathieu Lemoine wrote:
2013/3/19 Jakub Hrozek jhro...@redhat.com mailto:jhro...@redhat.com
On Tue, Mar 19, 2013 at 07:15:21PM +0100, Jakub Hrozek wrote:
On Tue, Mar 19, 2013 at 01:56:20PM -0400, Mathieu Lemoine wrote:
Hello,
I have sssd
On 03/20/2013 01:16 PM, Jakub Hrozek wrote:
On Wed, Mar 20, 2013 at 08:12:33AM -0400, Simo Sorce wrote:
On Wed, 2013-03-20 at 10:19 +0100, Pavel Březina wrote:
Hi,
I'm afraid we support ssh keys only with IPA backend at the moment.
Should we open a RFE to make it available with other
On 02/17/2013 05:33 PM, Michael Ströder wrote:
HI!
We're running Debian systems with old sssd 1.2.1 shipped in Debian Squeeze.
This works most of the times with getent passwd and getent group together with
uncached sudo-ldap data. So the data is in place and can be correctly
retrieved by sssd
92 matches
Mail list logo