-
Notifications
You must be signed in to change notification settings - Fork 257
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSSD Configuration - Missing Group Memberships #7879
Comments
Why do you use 'id_provider = ldap' and not 'id_provider = ad'? |
If I use |
Is this host enrolled into AD domain? |
Note that SSSD doesn't read 'memberOf' user attributes from the LDAP server. |
Yes it is |
Okey so what should i do? Which parameter should I set? BTW I must use 'id_provider = ldap' because when I use 'id_provider = ad' in logs I see message Permission denied, I am not user with admin privilligies thanks |
If host is indeed enrolled (i.e. there is a keytab with host keys) then try to use 'id_provider = ad' and do not specify other '*_provider' (it will default to ad). |
Btw, tickets are meant for bug reports, not for asking a help with configuration. |
Hello @justin-stephenson @sumit-bose ,
I am configuring SSSD against Active Directory, and when I run
id mako2
, I get the following output:However, when I run ldapsearch, I get the following details:
As you can see, the memberOf attribute in LDAP clearly shows that the user is a member of studenti and studenti_Ing groups, but these groups do not appear when using the id command.
Could you please advise on which parameters I need to add to my SSSD configuration to correctly retrieve and display these group memberships?
I am attaching the output of ldapsearch as well as my SSSD configuration file for reference.
OUTPUT_LDAPSEARCH.txt
Thank you!
Best regards,
Peter
The text was updated successfully, but these errors were encountered: