On Wed, Jan 08, 2020 at 11:49:53PM -0000, Roy Presley wrote:
> I have a use case with a local domain (files) that requires a one-to-many
> relationship between a Linux user account and alternate smartcard token user
> names, i.e., I have multiple users with individual smartcards that need to be
> able to authenticate to a single Linux user account.
>
> Based on the sssd documentation and my observation, the sssd.conf file only
> matches the last matchrule supplied. This appears to force a one-to-one
> relationship between a Linux user account and a smartcard token user name.
>
> Is there a way to create a matchrule (or rules) that will allow the use of
> multiple smartcards with a single Linux user account? Thanks.
Hi,
you can use the or operator '||' in a matchrule, e.g.
matchrule = ||<SUBJECT>^CN=user1,DC=domain$<SUBJECT>^CN=user2,DC=domain$
Does this help?
bye,
Sumit
> _______________________________________________
> sssd-users mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedorahosted.org/archives/list/[email protected]
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
