Hi, this is my first post to this group, I hope someone can help me. I'm interested to map ID mapping and authentication from a LDAP Server in a CentOS 6.5 box. The LDAP Server (running IBM TDS afaik) is managed by a third party provider, so I just can make queries but not modifications. I noted that there's no posixAccount objectClass in LDAP users, so I wonder, How can I integrate those users using SSSD? This is an example of my domain: [domain/custom.domain.com] id_provider = ldap auth_providers = ldap chpass_provider = ldap ldap_uri = ldaps://directory.domain.com ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt #ldap_search_base = "" ldap_id_use_start_tls = true cache_credentials = false enumerate = false use_fully_qualified_names = false #ldap_user_name = notesShortName As you can see, I tried to use "ldap_user_name" but without luck. I'm concerned about entries that don't exist on the LDAP server like homeDirectory or loginShell. Can SSSD deal with those attributes not present? I like to use just the credentials (user authentication) from the LDAP server to get my users logged in my linux box. I hope someone understand this scenario and can be able to help me. Thanks in advance.