-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEOjtDOPXdIVAWcUziyeav2MG3z/wFAl6ZUnoACgkQyeav2MG3
z/zuFw//Rwwe/4K4tNS/QEROzJeHAuPnaZh3GNtGQzyNkh9og6OGDVs9KegJy1cI
u5jK1jALAGaKRlgHU2jQITbBHaKsPmHqczAvP6UMR6ZBk0VXW7B5nALtY1qRtfzM
UKispwt2k0N7EfDVSwMpAh4csx10v7hGpc6WBoDnNdqE3b8jIp8UAPpXv8C9dyB4
oVdBkE+icMDWx6ph1NYwFcmIymqyhCspk8VKHvXbztOmUsLVANx/2RaL9KytwzsE
N5hyrpC4qmRbzbJ9IAArmYnv0N56rQGkFkRyOdNszzjP8G+zGEUAdXjOJKI3L1/w
6GzFCclNa9tcRu+fj2eHw7SAsQ/ugRtf8ii390U7dhO7ydVOxZ2q98mGRdKmgGp9
yN9s4/vbbvPVbUXCApCwUoybPCByCGPn2A5To46vVCMK/Vqjref+ZUsFzyLV7F7A
Ur9rjI6ucgrHHRqv8gMHJAQGLwUufNGYfx3WsGZxpppWgRlsUmW4wiz6lS7BoBQ6
fj4W5SrW9QDcSSFKgjSmuPsNZJDkpZwVHPFPiPvOIIeQaS+1bMMkQMtp7Ray99NA
bP3TmcSsNRAHGRYEk5vs+HnFO9QsaA94tgAX1Nag1R55PS5CuaunIiN0jaFz6xgM
W7Rb0YI/pHCx/rrrKM/ZiQiN8CvF/Z32HSXrQi4+Kt8tqH0OLrs=
=VXcm
-----END PGP SIGNATURE-----
Hi guys,
the quickstart documentation (which is a very nice piece of documentation) does
setup the memberOf plugin.
http://www.port389.org/docs/389ds/howto/quickstart.html
However the SSSD part does not mention that you need to have that plugin enabled
on the server, otherwise you will not get a working login. At least, I could not
get this to work without the plugin.
"dsidm localhost client_config sssd.conf server_admins"
This creates a sssd.conf that contains the following ldap filter:
> ldap_access_filter = (memberOf=cn=server_admins,ou=groups,dc=example,dc=org)
I have opened a PR against the wiki mentioning this in the SSSD part.
https://github.com/marcus2376/389wiki/pull/33
Kind Regards,
Johannes
--
Johannes Kastl
Linux Consultant & Trainer
Tel.: +49 (0) 151 2372 5802
Mail: kastl@b1-systems.de
B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg
http://www.b1-systems.de
GF: Ralph Dehner
Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
No comments:
Post a Comment