I would think about whether you're wanting to filter visibility and knowledge of users, or simply filter access to be able to use the machine.
Thinks like simple_allow_users / simple_allow_groups would likely be a much simpler method to restrict access, if you're content with user/group information being available to the machine, and just want to restrict access. man sssd-simple for that. John ________________________________ From: frank rust via sssd-users <sssd-users@lists.fedorahosted.org> Sent: 12 September 2025 13:02 To: sssd-users@lists.fedorahosted.org <sssd-users@lists.fedorahosted.org> Cc: frank rust <f.r...@tu-braunschweig.de> Subject: [SSSD-users]Simple question ? CAUTION: External Message. Use caution opening links and attachments. Hi all, I am new to this list. So if this is a common question, I apologise in advance. I have to filter the access to a system to allow several hundred users out of a ldap server with several 10 thousands of users. How would I do this? I think the way to define a simple filter line ``` ldap_user_search_filter = ( | (uid=user_1)(uid=user_2)(uid=user_7470)(...) ) ``` is not possible for the amount of users. I have no possibility to create a new group in ldap or add anything else, I only have read access. What can I do? Thanks in advance Frank -- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.fedoraproject.org%2Fen-US%2Fproject%2Fcode-of-conduct%2F&data=05%7C02%7Cj.h.hodrien%40leeds.ac.uk%7Cac877d963bbe4f7e783208ddf1f43ed0%7Cbdeaeda8c81d45ce863e5232a535b7cb%7C0%7C0%7C638932753520352971%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=NHZGKHtB9V%2FsADQYo77ej2r6JbHjo2UE%2FDiErvneiN0%3D&reserved=0<https://docs.fedoraproject.org/en-US/project/code-of-conduct/> List Guidelines: https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffedoraproject.org%2Fwiki%2FMailing_list_guidelines&data=05%7C02%7Cj.h.hodrien%40leeds.ac.uk%7Cac877d963bbe4f7e783208ddf1f43ed0%7Cbdeaeda8c81d45ce863e5232a535b7cb%7C0%7C0%7C638932753520384915%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=OUm7AhrnC0wotXW5dmf%2BJO91j7Qmu8b89k5xm82xFVs%3D&reserved=0<https://fedoraproject.org/wiki/Mailing_list_guidelines> List Archives: https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.fedorahosted.org%2Farchives%2Flist%2Fsssd-users%40lists.fedorahosted.org&data=05%7C02%7Cj.h.hodrien%40leeds.ac.uk%7Cac877d963bbe4f7e783208ddf1f43ed0%7Cbdeaeda8c81d45ce863e5232a535b7cb%7C0%7C0%7C638932753520402261%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Y1LLlNOtZXzT5y7Dd9sliQ599bNylDFgS6u8FWu1clM%3D&reserved=0<https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org> Do not reply to spam, report it: https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpagure.io%2Ffedora-infrastructure%2Fnew_issue&data=05%7C02%7Cj.h.hodrien%40leeds.ac.uk%7Cac877d963bbe4f7e783208ddf1f43ed0%7Cbdeaeda8c81d45ce863e5232a535b7cb%7C0%7C0%7C638932753520417992%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=6OrtcMNWxjtoEEXw0nRf6HNDGpMi6MqIM%2BtqLlPEp8U%3D&reserved=0<https://pagure.io/fedora-infrastructure/new_issue>
-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
