On 09/22/2016 12:48 PM, Sumit Bose wrote:
Yes, you use an authenticated bind in the ldapsearch (-D
uid=admin,cn=users,cn=accounts,dc=beta) while you anonymously bind with
your ldap.beta configuration.
IPA does not show group member for anonymousy binds, please add
ldap_default_bind_dn = uid=admin,cn=users,cn=accounts,dc=beta
ldap_default_authtok = myspulin
to [domain/ldap.beta] and you should see the members, but please _never_
use the admin account for this in production. As an alternative you can
add the SASL bind related option to your configuration.
HTH
bye,
Sumit
Thanks, Sumit, it works now.
Regards
--
Petr^4 Čech
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
