Hello Sumit, >> filter="(&(objectClass=posixAccount)(uid=*)(uidNumber=*)(gidNumber=*))" >> ------------------- >> Is it possible to change the Filter: >> (&(objectClass=posixAccount)(uid=*)(uidNumber=*)(gidNumber=*)) > > Does the ldap_group_object_class option help? See man sssd-ldap for > details. > > bye, > Sumit > >> >> If "yes" how can I do this? I read to many howtos but I could not find a >> solution. >>
First Thing, I posted the wrong filter ^^ that's the filter for the users. The default filter for groups is: --------- (&(objectClass=posixGroup)(cn=*)(&(gidNumber=*)(!(gidNumber=0))) --------- What I need is: --------- (&(|(objectClass=stkaPosixGroup)(objectclass=PosixGroup))(cn=*)(&(gidNumber=*)(!(gidNumber=0)))) --------- If I set "ldap_group_object_class = stkaPosixGroup" sssd is using this filter: --------- (&(objectClass=stkaPosixGroup)(cn=*)(&(gidNumber=*)(!(gidNumber=0)))) --------- So now the PosixGroup is missing. So this parameter will just override the default value. Because ldap_group_object_class must be a string and not a LDAP-filter it is not possible to put a filter as a value to this variable. I checked it :-) Stefan >> Thanks for your help >> >> Stefan >> -- >> > > > > >> _______________________________________________ >> sssd-users mailing list -- [email protected] >> To unsubscribe send an email to [email protected] > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
