I'm just going to leave this here:
Read RFC 2307 and pay attention to section 5.2. Affected library functions.
Good luck!
> On August 12, 2019 at 12:21 PM Jane Eason <jeason(a)gsu.edu> wrote:
>
>
> We do not have the uid number in LDAP.
>
> In our LDAP uid is the username, so LDAP has e.g. uid=bob. There is a local Linux user named "bob" as well (we are not creating accounts on login).
>
> We thought we could get around having to have the uid number in LDAP, using the following line in sssd.conf:
>
> ldap_user_uid_number = uid
>
> so at least the ldap query would return something.
>
> When "bob" tries to log in we do see bob's attributes returned from the sssd ldap query, but it stops there without any attempt at an LDAP bind from bob.
>
> Here is the result of an ldapsearch with objectclass=inetorgperson uid=*
>
> dn: uid=bob,ou=people,ou=primary,ou=eid,dc=my,dc=edu
> mail: bob(a)my.edu
> uid: bob
> initials: B
> givenName: Bob
> sn: Barker
> objectClass: inetOrgPerson
> objectClass: myPerson
> objectClass: eduPerson
> objectClass: organizationalPerson
> objectClass: Person
> objectClass: ndsLoginProperties
> objectClass: Top
>
> Thanks,
>
> Jane
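An added example, not part of the original thread and not SSSD code: a Python check of the entry quoted above against the RFC 2307 posixAccount attributes that passwd lookups depend on, run with the default attribute names and with the thread's `ldap_user_uid_number = uid` mapping. The function names are hypothetical and the LDIF is the thread's entry, trimmed.

```python
# Entry from the thread, trimmed to the attributes that matter here.
LDIF = """\
dn: uid=bob,ou=people,ou=primary,ou=eid,dc=my,dc=edu
uid: bob
givenName: Bob
sn: Barker
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: Person
objectClass: Top
"""

# sssd.conf option -> LDAP attribute (the RFC 2307 attribute names).
DEFAULT_MAP = {
    "ldap_user_name": "uid",
    "ldap_user_uid_number": "uidNumber",
    "ldap_user_gid_number": "gidNumber",
}
NUMERIC_OPTIONS = ("ldap_user_uid_number", "ldap_user_gid_number")


def parse_ldif_entry(text):
    """Parse one simple LDIF entry (no base64 values, no folded lines)
    into a dict of lower-cased attribute name -> list of values."""
    entry = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, _, value = line.partition(":")
        entry.setdefault(name.strip().lower(), []).append(value.strip())
    return entry


def check_posix_mapping(entry, attr_map=DEFAULT_MAP, object_class="posixAccount"):
    """Return the reasons the entry cannot be turned into a passwd record."""
    problems = []
    classes = {c.lower() for c in entry.get("objectclass", [])}
    if object_class.lower() not in classes:
        problems.append(f"objectClass {object_class} is missing")
    for option, attr in attr_map.items():
        values = entry.get(attr.lower(), [])
        if not values:
            problems.append(f"{option}: attribute '{attr}' is absent")
        elif option in NUMERIC_OPTIONS and not (values[0].isascii() and values[0].isdigit()):
            # A POSIX UID/GID is an integer; a login name cannot stand in for it.
            problems.append(f"{option}: '{attr}' value {values[0]!r} is not an integer")
    return problems
```

Calling `check_posix_mapping(parse_ldif_entry(LDIF), dict(DEFAULT_MAP, ldap_user_uid_number="uid"))` reproduces the thread's mapping and reports that the value `'bob'` is not an integer.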