On 18/07/14 20:50, Dmitri Pal wrote:
On 07/18/2014 03:19 PM, Rowland Penny wrote:
On 18/07/14 20:03, Dmitri Pal wrote:
On 07/18/2014 11:53 AM, Rowland Penny wrote:
On 18/07/14 16:18, Jakub Hrozek wrote:
On Thu, Jul 10, 2014 at 11:20:10AM +0100, Rowland Penny wrote:
Any suggest to what I check next??
Sorry for the delayed reply.
Looks like an ACI problem to me, the first search binds as
[email protected], the second as
cn=Administrator,cn=Users,dc=example,dc=com
_______________________________________________
sssd-users mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
ER, could you please expand 'ACI' for me, I haven't a clue what you
are talking about ;-)
Access Control Instructions in LDAP on the server side.
In one case the account has privileges to get information and in
other it does not. You need to change permission on the server for
the SSSD account to have permission to do the search.
Thanks, you have confirmed what I thought was going on, have you any
idea how I can give machines the required rights in Active Directory
or can you point me at a webpage that explains how to do it?
Sorry, no. I would defer to technical gurus to chime in on Monday.
Rowland
_______________________________________________
sssd-users mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
OK, I have now got sudo to work on my laptop, but the only way I could
find was to add the laptop to Domain Admins. This confirms that it is a
permissions problem, but I do not think adding every linux computer to
Domain Admins is really a good idea.
So where do we go from here ?? will sssd & sudo work out of the box on
any linux distro against AD ?
Rowland
_______________________________________________
sssd-users mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
