Hi, that's actually what we tried:
> [sssd] > domains = fsmpi.rwth-aachen.de > config_file_version = 2 > services = nss, pam > > [pam] > offline_credentials_expiration = 1 > offline_failed_login_attempts = 3 > offline_failed_login_delay = 0 > > [domain/fsmpi.rwth-aachen.de] > ad_domain = fsmpi.rwth-aachen.de > krb5_realm = FSMPI.RWTH-AACHEN.DE > realmd_tags = manages-system joined-with-adcli > cache_credentials = True > id_provider = ad > krb5_store_password_if_offline = True > default_shell = /bin/bash > ldap_id_mapping = False > use_fully_qualified_names = False > fallback_homedir = /home/%u > access_provider = ad > enumerate = true > ldap_user_fullname = displayName > krb5_lifetime = 48h > krb5_renewable_lifetime = 200h > krb5_renew_interval = 30m > ad_gpo_access_control = disabled > ad_enable_gc = false > ldap_search_base = > dc=fsmpi,dc=rwth-aachen,dc=de?subtree?(&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2))) Do you know what we did wrong? Best regards Rikus _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
