Hello,
I try to configure some old sssd clients to connect to IPA server which does use AD and views. Is there any documentation which points which ldap_* related variables needs to be configured in sssd,conf in order to be able to query the views in IPA server ? Currently I can run ldapsearch -Y GSSAPI -h ipaserver.ipa.example.com -b "cn=legacy_servers,cn=views,cn=accounts,dc=example,dc=com" and it does display all the data, but I want that to be configured automatically at sssd level.
Am Thu, Aug 19, 2021 at 03:20:39PM -0000 schrieb iulian roman:
Hello,
I try to configure some old sssd clients to connect to IPA server which does use AD and views. Is there any documentation which points which ldap_* related variables needs to be configured in sssd,conf in order to be able to query the views in IPA server ? Currently I can run ldapsearch -Y GSSAPI -h ipaserver.ipa.example.com -b "cn=legacy_servers,cn=views,cn=accounts,dc=example,dc=com" and it does display all the data, but I want that to be configured automatically at sssd level.
Hi,
if the clients are so old that they cannot handle views automatically the steps from https://blog.delouw.ch/2016/04/15/using-freeipa-id-views-with-ldap-for-your-... might help.
bye, Sumit
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Hi,
The sssd client is 1.9.4 (SUSE Linux Enterprise Server 11) , but there is not sssd-ipa package, therefore I need to configure ldap provider in sssd.conf. I checked that link before, but I think the views subtree is no longer accessible with anonymous bind, therefore I need somehow to authenticate to ldap in order to get access to the views. This is first issue.
The second issue is that when I query the AD users , I see this error in sssd_nss.log: [sss_dp_get_reply] (0x1000): Got reply from Data Provider - DP error code: 3 errno: 19 error message: Subdomains back end target is not configured
Any hint would be really appreciated !
sssd-users@lists.fedorahosted.org
-
iulian roman -
Sumit Bose