Re: ldap host attribute is ignored

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 05/15/2015 03:07 AM, Ulrich Hiller wrote:
the uid is below 2000. If you want to know the real number: it is 1026.

I'm happy to help, but I have to point out that we've been chasing this problem for ten days now, and the problem would be been pretty obvious if you had not obscured the uidNumber to begin with.

Please don't obscure information that isn't security-sensitive.

Your uidNumber is not sensitive. Your Samba SID is not sensitive. These things can't be used to launch an attack on your system. Obscuring them wastes your time, above all.

But when i set the 2000 to 1000:
account     sufficient    pam_succeed_if.so uid < 1000 quiet
i cannot login at all. "Permission denied"

What do the logs say? If the "secure" log doesn't clarify the problem, then set debugging on sssd to 7 and check that log as well.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux