On Fri, Feb 15, 2019 at 07:05:37AM -0000, CharlesLee wrote: > Hi everyone, > > I'm using sssd 1.62 in CentOS 7.4。 > The sssd is very good, I love it! > > But, when I use "ldap_id_mapping=False" in /etc/sssd/sssd.conf the user's > password will not availabe.
I assume with 'the user's password will not available' you mean that the user cannot log in? I guess that the user cannot even be found if you call 'getent passwd username'. > Why? With "ldap_id_mapping=False" SSSD expects that the POSIX UIDs and GIDs are stored in Active Directory (I assume you are using AD). By default this is not the case and recent version of Windows Servers even removed some tools which made it easy to set them. > How to solve it? Either use "ldap_id_mapping=True" (recommended) or add suit uidNumber and gidNumer attributes in AD to the users and groups. HTH bye, Sumit > > Thanks > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
