[CentOS] ldap host attribute is ignored

Mon May 11 19:29:52 UTC 2015
Ulrich Hiller <hiller at mpia-hd.mpg.de>

> Hate to say that we're running out of options.  I had a CentOS 7 system
> similar to yours, with LDAP authentication.  I added three lines to
> sssd.conf (for access provider, etc), restarted sssd, and users with no
> "host" attribute were denied.  I didn't actually test users with a host
> attribute that didn't match, or with deny rules.  So maybe there's a bug
> that needs to be looked at?  Does authentication work for users that
> have no "host" attribute at all?

yes, it works for users that have no "host" attribute at all

>> I have installed CentOS7 64bit with KDE.
>> I did not do any 'yum update' or install of extra packages so far.
> Update, see if that makes a difference.

i did it, rebooted it. No differnce

> After that you'll probably have to turn up logging in sssd and check its
> logs to see what it's doing.

That's a good hint. I'll do that tomorrow.

With kind regards, ulrich