On Mon, Feb 18, 2019 at 03:36:48AM -0000, CharlesLee wrote: > Hi, everyone > > I have a problem with sssd 1.16.0 use in CentOS7 with AD(windows server > 2008R2). > > I'm use realm join the AD,and sssd config is next: > [domain/default] > autofs_provider = ldap > cache_credentials = True > krb5_realm = ARD.INC > ldap_search_base = dc=BEIJ,dc=inc > id_provider = ldap > auth_provider = ldap > chpass_provider = ldap > ldap_uri = ldap://192.168.201.207/ > ldap_id_use_start_tls = False > ldap_tls_cacertdir = /etc/openldap/cacerts > > [sssd] > domains = default, ARD.inc > config_file_version = 2 > services = nss, pam > [pam] > > [autofs] > > [domain/ARD.inc] > ad_domain = ARD.inc > krb5_realm = ARD.INC > realmd_tags = manages-system joined-with-samba > cache_credentials = True > id_provider = ad > krb5_store_password_if_offline = True > default_shell = /bin/bash > ldap_sasl_authid = YW-CLUSTER-LOGI$ > ldap_id_mapping = true > use_fully_qualified_names = False > fallback_homedir = /home/%u > access_provider = ad > ldap_idmap_range_min = 5000 > ldap_idmap_range_max = 7000 > ldap_idmap_range_size = 10 > > At the beginning it's running very good. > But the recent we discovery some user's UID have changed , the UID auto +10. > For example, the UID initial is 5333 then user UID auto change to 5343. > > Why?
I assume the non-defaults range sizes have something to do with it? Why did you tune the range sizes, isn't the default good enough? _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
