Hi,
this patch addresses https://fedorahosted.org/sssd/ticket/109. It should now be possbile to get users with 'UNIX attributes' set from AD. For me the following config options worked:
... provider = ldap ldapUri = ldap://your.ldap.server userSearchBase = cn=users,dc=example,dc=com groupSearchBase = cn=groups,dc=example,dc=com defaultBindDn = cn=Administrator,cn=Users,dc=example,dc=com defaultAuthtokType = password defaultAuthtok = YOUR_PASSWORD userObjectClass = person userName = msSFU30Name userUidNumber = msSFU30UidNumber userGidNumber = msSFU30GidNumber userHomeDirectory = msSFU30HomeDirectory userShell = msSFU30LoginShell tls_reqcert = never ...
I'm currently trying to get authentication against AD working, too. I will include a sample configuration and more man page option with a following patch.
bye, Sumit
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/19/2009 05:19 AM, Sumit Bose wrote:
Hi,
this patch addresses https://fedorahosted.org/sssd/ticket/109. It should now be possbile to get users with 'UNIX attributes' set from AD. For me the following config options worked:
... provider = ldap ldapUri = ldap://your.ldap.server userSearchBase = cn=users,dc=example,dc=com groupSearchBase = cn=groups,dc=example,dc=com defaultBindDn = cn=Administrator,cn=Users,dc=example,dc=com defaultAuthtokType = password defaultAuthtok = YOUR_PASSWORD userObjectClass = person userName = msSFU30Name userUidNumber = msSFU30UidNumber userGidNumber = msSFU30GidNumber userHomeDirectory = msSFU30HomeDirectory userShell = msSFU30LoginShell tls_reqcert = never ...
I'm currently trying to get authentication against AD working, too. I will include a sample configuration and more man page option with a following patch.
bye, Sumit
sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
Ack. I built and tested this patch against my own FreeIPA server (binding as admin).
- -- Stephen Gallagher RHCE 804006346421761
Looking to carve out IT costs? www.redhat.com/carveoutcosts/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/19/2009 09:10 AM, Stephen Gallagher wrote:
On 08/19/2009 05:19 AM, Sumit Bose wrote:
Hi,
this patch addresses https://fedorahosted.org/sssd/ticket/109. It should now be possbile to get users with 'UNIX attributes' set from AD. For me the following config options worked:
... provider = ldap ldapUri = ldap://your.ldap.server userSearchBase = cn=users,dc=example,dc=com groupSearchBase = cn=groups,dc=example,dc=com defaultBindDn = cn=Administrator,cn=Users,dc=example,dc=com defaultAuthtokType = password defaultAuthtok = YOUR_PASSWORD userObjectClass = person userName = msSFU30Name userUidNumber = msSFU30UidNumber userGidNumber = msSFU30GidNumber userHomeDirectory = msSFU30HomeDirectory userShell = msSFU30LoginShell tls_reqcert = never ...
I'm currently trying to get authentication against AD working, too. I will include a sample configuration and more man page option with a following patch.
bye, Sumit
sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
Ack. I built and tested this patch against my own FreeIPA server (binding as admin).
Pushed to master.
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
- -- Stephen Gallagher RHCE 804006346421761
Looking to carve out IT costs? www.redhat.com/carveoutcosts/
sssd-devel@lists.fedorahosted.org
-
Stephen Gallagher -
Sumit Bose