[Freeipa-users] Non-human users
Orion Poplawski
orion at cora.nwra.com
Fri Feb 15 19:23:21 UTC 2013
On 02/15/2013 12:01 PM, Orion Poplawski wrote:
>
> I've been trying to track down any bugs I may have filed without success, but
> I'm pretty sure I tried at first adding a system user to LDAP groups and that
> not working unless the system user was in LDAP. This may have been before I
> started using SSSD on the servers so I'll need to retest this.
This still appears to be the case. As soon as I removed the system user from
our current ldap database, id now longer reported any other group memberships.
This is with the default using "memberUid" for group membership. With the
IPA schema of recording group membership with the full dn, it seems the user
would have to be in the database to have a dn.
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder Office FAX: 303-415-9702
3380 Mitchell Lane orion at nwra.com
Boulder, CO 80301 http://www.nwra.com
More information about the Freeipa-users
mailing list