Ideally, yes, we would have the uidNumber present and populated. In our situation we don’t. That could change in the future.
Basically, I was using pam_ldap and it worked for ssh logins, but would not work with samba. I built the user account on the local machine, and set a random password. When users logged in, the auth request was passed to pam_ldap and worked. I didn’t have to worry about the uid/gid, because those were local. I would like to try and accomplish a similar result with sssd, mainly in order to get it functioning with samba. Is is possible for me to set it up such that i build the local user account just like above, and then use sssd *only* for authentication? N On Nov 12, 2014, at 12:09 PM, Lukas Slebodnik <[email protected]> wrote: > On (12/11/14 18:02), Nathan Robbins wrote: >> >> I am running into an interesting problem with our LDAP server. It’s an old >> system that has been in place for a long time we cannot change the schema. >> Basically I can’t change the LDAP server configuration. >> >> We do no make use of the uidNumber and gidNumber fields in our configuration. >> > According to https://www.ietf.org/rfc/rfc2307.txt you should have attribute > uidNumber in your LDAP entry. > > Which attribute do you want to use as a UID for users? > > BTW: > You can change it with configure options ldap_user_uid_number > and ldap_user_gid_number. > > Details are in man sssd-ldap. > > LS > _______________________________________________ > sssd-devel mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/sssd-devel _______________________________________________ sssd-devel mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
