We do not have the uid number in LDAP.
In our LDAP uid is the username, so LDAP has e.g. uid=bob. There is a local Linux user
named "bob" as well (we are not creating accounts on login).
We thought we could get around having to have the uid number in LDAP, using the following
line in sssd.conf:
ldap_user_uid_number = uid
so at least the ldap query would return something.
When "bob" tries to log in we do see bob's attributes returned from the sssd
LDAP query, but it stops there without any attempt at an LDAP bind from bob.
Here is the result of an ldapsearch with objectclass=inetorgperson uid=*:
dn: uid=bob,ou=people,ou=primary,ou=eid,dc=my,dc=edu
mail: bob(a)my.edu
uid: bob
initials: B
givenName: Bob
sn: Barker
objectClass: inetOrgPerson
objectClass: myPerson
objectClass: eduPerson
objectClass: organizationalPerson
objectClass: Person
objectClass: ndsLoginProperties
objectClass: Top
Thanks,
Jane