Hi Sumit, Thanks for the pointers, I agree this is probably short term at best and I can see there are a number of issues that could come up. I'll have a play with it over the next few days and see how far I get. I currently have the schema set to 'ad' which I'd not tried changing before now so I suspect that'll help get it working :)
-Cheers Max. ________________________________________ From: [email protected] [[email protected]] on behalf of Sumit Bose [[email protected]] Sent: Friday, June 06, 2014 9:06 AM To: [email protected] Subject: Re: [SSSD-users] org structure as user/group structure? it might be possible. You have to redefine a couple of ldap_group_* attributes. E.g. I would suggest to set ldap_group_object_class to the name of the object class which contains the directReports attribute. The this attribute just holds user names you have to set ldap_schema to rfc2307, if it contains DNs than rfc2307bis is the right choice. If the manager attribute contains DNs then you can set ldap_user_member_of to it to speed up group membership lookups, but please do not use it if there are only names. The information contained in this email, including any attachments, is intended solely for use by the individual or entity named above and may be confidential. If you have received this email in error please delete it and notify the sender immediately; you should not retain the message or disclose its contents to anyone. Thank you. hibu (UK) Limited, One Reading Central, Forbury Road, Reading, Berkshire, RG1 3YL, registered in England No. 4205228. hibu Sales Limited, One Reading Central, Forbury Road, Reading, Berkshire, RG1 3YL, registered in England No. 1403041. VAT registered number: GB765346017 © hibu (UK) Limited 2013. All rights reserved. hibu and other ™ are trademarks of hibu (UK) Limited or its licensors. _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
