Hi guys, the quickstart documentation (which is a very nice piece of documentation) does setup the memberOf plugin. http://www.port389.org/docs/389ds/howto/quickstart.html However the SSSD part does not mention that you need to have that plugin enabled on the server, otherwise you will not get a working login. At least, I could not get this to work without the plugin. "dsidm localhost client_config sssd.conf server_admins" This creates a sssd.conf that contains the following ldap filter: > ldap_access_filter = (memberOf=cn=server_admins,ou=groups,dc=example,dc=org) I have opened a PR against the wiki mentioning this in the SSSD part. https://github.com/marcus2376/389wiki/pull/33 Kind Regards, Johannes -- Johannes Kastl Linux Consultant & Trainer Tel.: +49 (0) 151 2372 5802 Mail: kastl@xxxxxxxxxxxxx B1 Systems GmbH Osterfeldstraße 7 / 85088 Vohburg http://www.b1-systems.de GF: Ralph Dehner Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
