Hi,

that's actually what we tried:


> [sssd]
> domains = fsmpi.rwth-aachen.de
> config_file_version = 2 
> services = nss, pam 
> 
> [pam]
> offline_credentials_expiration = 1 
> offline_failed_login_attempts = 3 
> offline_failed_login_delay = 0 
> 
> [domain/fsmpi.rwth-aachen.de]
> ad_domain = fsmpi.rwth-aachen.de
> krb5_realm = FSMPI.RWTH-AACHEN.DE
> realmd_tags = manages-system joined-with-adcli 
> cache_credentials = True
> id_provider = ad
> krb5_store_password_if_offline = True
> default_shell = /bin/bash
> ldap_id_mapping = False
> use_fully_qualified_names = False
> fallback_homedir = /home/%u
> access_provider = ad
> enumerate = true
> ldap_user_fullname = displayName
> krb5_lifetime = 48h 
> krb5_renewable_lifetime = 200h
> krb5_renew_interval = 30m 
> ad_gpo_access_control = disabled
> ad_enable_gc = false
> ldap_search_base = 
> dc=fsmpi,dc=rwth-aachen,dc=de?subtree?(&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

Do you know what we did wrong?


Best regards
Rikus
_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org

Reply via email to