[Pkg-sssd-devel] Bug#806444: Configuration issue discovered
Peter Viskup
skupko.sk at gmail.com
Thu Dec 29 14:45:02 UTC 2016
You can close this bug report.
Discovered the configuration option "enumerate = true" for domain
solved the issue.
It is related to LDAP schema rfc2307 (default), which support ldap
group membership relation by memberUID attribute of group. In that
case the enumeration needs to be enabled to get list of all LDAP
groups populated into the cache.
Other solution would be to use rfc2307bis schema, which support ldap
group membership by user's memberOf attribute. In that case the
enumeration should not be needed as the user group membership will be
discovered within user information retrieval.
Maybe documentation could be improved.
--
Peter
More information about the Pkg-sssd-devel
mailing list