-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/10/2010 01:36 PM, Martinsson Patrik wrote:
>'memberOf' is the reverse of 'member', not of
'memberuid'. AD doesn't
> create the 'memberOf' backlink for entries specified by 'memberuid'
> (because 'memberuid' members are also not required to be in the
central
> server; they can be local accounts or accounts provided by a different
> directory like NIS)
Ok, understood.
> I'm not sure what the relevance is to that statement. If you're using
> 'ldap_schema = rfc2307', then it should be adding all members that
> appear as 'memberuid' in the group.
>
> I guess I don't understand what your question is here. It looks like
> things are behaving as expected.
Well, the group aapp has 6 memberUid, but only three of them is added by
sssd, how is that correct ? Or what am I missing ?
Here are the users according to ldapsearch,
dn: CN=aapp,OU=Groups,DC=xx,DC=xx,DC=xx
memberUid: a001721
memberUid: a000569
memberUid: a000680
memberUid: a001406
memberUid: a000898
memberUid: a000590
Here are the users beeing added by sssd,
a001721
a001406
a000898
And that is with ldap_schema = rfc2307 in the config.
/Patrik Martinsson
Do the members a000569, a000680 and a000590 exist in the directory
server if you look them up directly?
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEYEARECAAYFAk0CdXEACgkQeiVVYja6o6NArQCfUUkqD2J8ObDZeW5YdSVIxkpO
VBsAoJuSZT3rNP04PsZoVfT3+kn7u4gh
=0/FV
-----END PGP SIGNATURE-----