-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/19/2009 05:19 AM, Sumit Bose wrote: > Hi, > > this patch addresses https://fedorahosted.org/sssd/ticket/109. It should > now be possbile to get users with 'UNIX attributes' set from AD. For me > the following config options worked: > > ... > provider = ldap > ldapUri = ldap://your.ldap.server > userSearchBase = cn=users,dc=example,dc=com > groupSearchBase = cn=groups,dc=example,dc=com > defaultBindDn = cn=Administrator,cn=Users,dc=example,dc=com > defaultAuthtokType = password > defaultAuthtok = YOUR_PASSWORD > userObjectClass = person > userName = msSFU30Name > userUidNumber = msSFU30UidNumber > userGidNumber = msSFU30GidNumber > userHomeDirectory = msSFU30HomeDirectory > userShell = msSFU30LoginShell > tls_reqcert = never > ... > > I'm currently trying to get authentication against AD working, too. I > will include a sample configuration and more man page option with a > following patch. > > bye, > Sumit > > > ------------------------------------------------------------------------ > > _______________________________________________ > sssd-devel mailing list > sssd-devel@lists.fedorahosted.org > https://fedorahosted.org/mailman/listinfo/sssd-devel
Ack. I built and tested this patch against my own FreeIPA server (binding as admin). - -- Stephen Gallagher RHCE 804006346421761 Looking to carve out IT costs? www.redhat.com/carveoutcosts/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkqL+csACgkQeiVVYja6o6PTHQCfbcUVHCUMuiwuLI/UE2kDbScQ XHYAoKgzsCs1MXcITp7TKFjePynsfkKN =A+jh -----END PGP SIGNATURE----- _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
