On 05/11/2015 10:06 AM, Ulrich Hiller wrote:
Hmmm...., i have made now a complete new install but the problem
persists: ldap authentication works, but the host attribute is ignored.
Hate to say that we're running out of options. I had a CentOS 7 system
similar to yours, with LDAP authentication. I added three lines to
sssd.conf (for access provider, etc), restarted sssd, and users with no
"host" attribute were denied. I didn't actually test users with a host
attribute that didn't match, or with deny rules. So maybe there's a bug
that needs to be looked at? Does authentication work for users that
have no "host" attribute at all?
I have installed CentOS7 64bit with KDE.
I did not do any 'yum update' or install of extra packages so far.
Update, see if that makes a difference.
After that you'll probably have to turn up logging in sssd and check its
logs to see what it's doing.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos