I have the following sssd backend: ------------------------------------------------------------
domains = IPALDAP [domain/IPALDAP] id_provider = ldap auth_provider = ldap ldap_schema = IPA ldap_uri = ldap://ipa1.example.net, ldap://ipa2.example.net ldap_search_base = dc=example,dc=net ldap_user_search_base = cn=users,cn=accounts,dc=example,dc=net ldap_netgroup_search_base = cn=ng,cn=compat,dc=example,dc=net ldap_tls_cacert = /etc/ipa/ca.crt ldap_tls_reqcert = demand cache_credentials = false enumerate = true debug_level = 5 ------------------------------------------------------------ Why isn't "emilb" a member of the systemagic group??? # getent group|grep systema systemagic:*:10031:johanl,martinh # ldapsearch -x -h ipa1.example.net -b cn=accounts,dc=example,dc=net # cn=systemagic # extended LDIF # # LDAPv3 # base <cn=accounts,dc=example,dc=net> with scope subtree # filter: cn=systemagic # requesting: ALL # # systemagic, groups, accounts, example.net dn: cn=systemagic,cn=groups,cn=accounts,dc=example,dc=net objectClass: ipaobject objectClass: top objectClass: groupofuniquenames objectClass: ipausergroup objectClass: posixgroup objectClass: groupofnames objectClass: nestedgroup memberUid: susannek memberUid: martinh memberUid: johanl gidNumber: 10031 cn: systemagic ipaUniqueID: 329e0b6e-9ec5-11e1-8777-525400b94ff0 member: uid=johanl,cn=users,cn=accounts,dc=example,dc=net member: uid=martinh,cn=users,cn=accounts,dc=example,dc=net member: uid=emilb,cn=users,cn=accounts,dc=example,dc=net # search result search: 2 result: 0 Success -jf _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
