On 08/21/2015 05:07 PM, Dmitri Pal wrote:
On 08/21/2015 09:04 AM, Pierre Neyron wrote:
> Hi,
>
> I would like to use SSSD to allow authentication on linux machines for
> users managed in 2 LDAP bases.
>
> While SSSD is capable of supporting several domains, it seems to only
> allow to handle the case where uid/gid are well partitioned between the
> bases, with no conflicts (each base having its own uid/gid range).
>
> I'm wondering if there is any plan to add support in SSSD for
> renumbering uid and gid in the case of bases which are not well
> partitioned ?
> Or if anyone already faced the problem and found a nice way to manage
> such a use case ?
>
> Thanks,
> BR
>
In general this is a bad practice to have users with overlapping uids/gids
There is a feature in works to allow local uid/gid overrides.
I do nto know if this feature is per domain or global.
If per domain it might help you.
Hi, this feature is going to be part of 1.13.1.
Also not all users might need to be treated as POSIX users. This is also
something being explored.