On 07/31/2014 09:56 PM, XuQing Tan wrote:
Hi Folks
in our project, there is already one legacy openldap server runing.
we managed the user and groups with posixAccount and posixGroup.
recently, we setup ssh ldap integration with sssd, we can login to the
linux box with ldap user credentials, so far so good.
except one thing, we found there are some groups name are too long
(large than 32 char) which violate the 32 char unix group name length
contraints according to "groupadd" man page.
we can't modiy the attribute "cn" of posixGroup since it's already
used in other integrated system.
so i'm wondering, is there any way to map the unix group name to
something else, rather than the defualt attribute "cn"?
i did search the sssd conf manual, nothing found, so i'd like to
consult you here.
Thanks & Best Regards!
///
(. .)
--------ooO--(_)--Ooo--------
| Nick Tan |
------------------------------------
_______________________________________________
sssd-users mailing list
sssd-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
see man sssd-ldap
ldap_group_name (string)
The LDAP attribute that corresponds to the group name.
Default: cn
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.