On Wed, Jan 08, 2020 at 11:49:53PM -0000, Roy Presley wrote:
I have a use case with a local domain (files) that requires a
one-to-many relationship between a Linux user account and alternate smartcard token user
names, i.e., I have multiple users with individual smartcards that need to be able to
authenticate to a single Linux user account.
Based on the sssd documentation and my observation, the sssd.conf file only matches the
last matchrule supplied. This appears to force a one-to-one relationship between a Linux
user account and a smartcard token user name.
Is there a way to create a matchrule (or rules) that will allow the use of multiple
smartcards with a single Linux user account? Thanks.
Hi,
you can use the or operator '||' in a matchrule, e.g.
matchrule = ||<SUBJECT>^CN=user1,DC=domain$<SUBJECT>^CN=user2,DC=domain$
Does this help?
bye,
Sumit
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...