[CentOS] sssd - ldap host attribute ignored
Gordon Messmer
gordon.messmer at gmail.com
Tue Feb 24 00:06:35 UTC 2015
On 02/23/2015 03:59 AM, Ulrich Hiller wrote:
>
> /etc/sssd/sssd.conf:
> [domain/default]
> access_provider = ldap
> ldap_access_filter = memberOf=ou=YYYY,o=XXXX
> ldap_access_order = host
Because ldap_access_order doesn't include "filter", ldap_access_filter
will not be used. You can remove that.
Aside from that, it would be helpful to see the entry for one of the
users who can log in and should not be able to.
Make sure you flush the cache before testing.
> /etc/ldap.conf:
I don't think that file is relevant.
More information about the CentOS
mailing list