On Tue, Dec 20, 2016 at 12:10:28PM +0000, Maninder Singh wrote: > Hi, > > Please find the below sssd.conf. We are seeing below in LDAP logs: > > SRCH base="dc=mydomain,dc=com" scope=2 deref=0 > filter="(&(uid=gdm)(objectClass=posixAccount)(&(uidNumber=*)(!(uidNumber=0))))" > conn=3410 op=2 SRCH attr=objectClass uid userPassword uidNumber gidNumber > gecos homeDirectory loginShell krbPrincipalName cn modifyTimestamp > modifyTimestamp shadowLastChange shadowMin shadowMax shadowWarning > shadowInactive shadowExpire shadowFlag krbLastPwdChange krbPasswordExpiration > pwdAttribute authorizedService accountExpires userAccountControl > nsAccountLock host loginDisabled loginExpirationTime loginAllowedTimeMap > sshPublicKey mail > > > We just need filter (objectClass=*) instead of the highlighted one. Also, we > have created extra attributes which we are not able to see in SRCH attr. > Please help.
This is a direct lookup for user gdm. Enumerating all users would probably search all entries that have the posixAccount objectclass and have any uidNumber. But maybe describing better what you are trying to achieve would help us answer better? > > [sssd] > config_file_version = 2 > domains = default > services = nss, pam, autofs > > [domain/default] > debug_level = 9 > id_provider = ldap > krb5_realm = # > ldap_schema = rfc2307bis > ldap_uri = ldap://x.y.z:389 > ldap_search_base = dc=mydomain,dc=com?base?|(objectClass=*) > cache_credentials = True > autofs_provider = ldap > auth_provider = ldap > chpass_provider = ldap > ldap_default_bind_dn = cn=Manager,dc=mydomain,dc=com > ldap_default_authtok =xyz > access_provider = ldap > enumerate = True > > [domain/LDAP] > id_provider = ldap > ldap_uri = ldap://x.y.z:389 > ldap_search_base = dc=mydomain,dc=com > cache_credentials = true > min_id = 5000 > max_id = 25000 > enumerate = false > > > [nss] > > [pam] > > [autofs] > > Regards, > Maninder > Need an easy-to-use, OS agnostic, platform independent Test Automation > Framework to increase ROI from your applications? Check UTAF (Unified Test > Automation Framework) > <https://hsc.com/Services/Testing-Services/Test-Automation/Unified-Test-Automation-Framework-Services?utm_source=snippet&utm_medium=email&utm_content=Amrita&utm_campaign=UTAF> > by HSC > > DISCLAIMER: This electronic message and all of its contents, contains > information which is privileged, confidential or otherwise protected from > disclosure. The information contained in this electronic mail transmission is > intended for use only by the individual or entity to which it is addressed. > If you are not the intended recipient or may have received this electronic > mail transmission in error, please notify the sender immediately and delete / > destroy all copies of this electronic mail transmission without disclosing, > copying, distributing, forwarding, printing or retaining any part of it. > Hughes Systique accepts no responsibility for loss or damage arising from the > use of the information transmitted by this email including damage from virus. > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
