On Tue, Jul 04, 2017 at 04:39:35PM -0400, Tom wrote: > Is there a way in the sssd config to force the return of the user for only > the main domain?
You can skip some domains completely, please have a look at the ad_enabled_domains option in 'man sssd-ad' for details. The only way I can think of to ignore only specific users from a sub-domain is to use specific search filters for the sub-domain. Please see the 'TRUSTED DOMAIN SECTION' of man sssd.conf for details about how to configure a search filter for a sub-domain. Maybe local overrides can be used here as well. You might want to try to set a different UID to the user from the sub-domain with the sss_override utility. But I haven't tried this, so chances are that this might still fail. bye, Sumit > > In some cases user cannot be removed or AD config is setup that way on > purpose. > > Cheers, > Tom > > Sent from my iPhone > > > On Apr 7, 2017, at 11:16 PM, TomK <[email protected]> wrote: > > > >> On 4/6/2017 2:44 PM, Sumit Bose wrote: > >>> On Thu, Apr 06, 2017 at 02:30:41PM -0400, TomK wrote: > >>> Hey All, > >>> > >>> We're receiving the following message on an older installation of SSSD and > >>> RHEL 6.7. SSSD version is sssd-1.12.4-47.el6_7.4.x86_64. > >>> > >>> I'm wondering under what conditions could "Expected one user entry and got > >>> 2" be thrown and if it's fixed in higher SSSD versions. > >> > >> This message typically occurs if SSSD found a duplicate user or group > >> name or a duplicated UID or GID on the server side. If that's the case a > >> newer version won't help, the name or ID collision must be resolved on > >> the server side. > >> > >> HTH > >> > >> bye, > >> Sumit > >> > >>> > >>> -- > >>> Cheers, > >>> Tom K. > >>> ------------------------------------------------------------------------------------- > >>> > >>> Living on earth is expensive, but it includes a free trip around the sun. > >>> _______________________________________________ > >>> sssd-users mailing list -- [email protected] > >>> To unsubscribe send an email to [email protected] > >> _______________________________________________ > >> sssd-users mailing list -- [email protected] > >> To unsubscribe send an email to [email protected] > >> > > Thank you! > > > > -- > > Cheers, > > Tom K. > > ------------------------------------------------------------------------------------- > > > > Living on earth is expensive, but it includes a free trip around the sun. > > > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
