Hello all,
I have a couple of questions about the SSSD local domain, hope you'll be able
to shed some light.
I realise the local domain is currently mostly intended for testing, I also
get the impression (from searching the archives) that at some point it was
meant to be more than that, however I can't find details. I have a couple of
use-cases where the local domain would be rather useful, but I'm encountering
some problems.
1) When a user is created a private group is automatically created too,
however you can't seem to add another user into that group. Is this by design
or a bug? (I've one case where I need to be able to do this)
# sss_useradd test0
# sss_useradd test1
# sss_usermod -a test1 test0
Could not modify user - check if group names are correct
2) Cross domain memberships - that would be very useful to me. Specifically
being able to add both local users and groups (i.e. /etc/passwd, /etc/group)
and LDAP users and groups to a group in SSSD local domain.
At the moment this doesn't work as sss_usermod/sss_groupmod complains it
cannot find user/group in local domain.
Are there any plans to have such functionality in SSSD local domain (esp. the
2nd point)?
PS. many thanks for the great software, I started rolling out on our servers
and all the problems we had before with nss_ldap+pam_krb5+nscd are now gone!
--
Michael Gliwinski
Henderson Group Information Services
9-11 Hightown Avenue, Newtownabby, BT36 4RT
Phone: 028 9034 3319
**********************************************************************************************
The information in this email is confidential and may be legally privileged. It is intended solely for the addressee and access to the email by anyone else is unauthorised.
If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful.
When addressed to our clients, any opinions or advice contained in this e-mail are subject to the terms and conditions expressed in the governing client engagement leter or contract.
If you have received this email in error please notify support(a)henderson-group.com
John Henderson (Holdings) Ltd
Registered office: 9 Hightown Avenue, Mallusk, County Antrim, Northern Ireland, BT36 4RT.
Registered in Northern Ireland
Registration Number NI010588
Vat No.: 814 6399 12
*********************************************************************************