Forgot to include in my original posting that I do have uidNumber = 2000
set in the User in AD already set.
Dn: CN=abrown,OU=Users,OU=example,DC=ad,DC=example,DC=com
accountExpires: 9223372036854775807 (never);
cn: abrown;
codePage: 0;
countryCode: 0;
displayName: Angela Brown;
distinguishedName:
CN=abrown,OU=Users,OU=example,DC=ad,DC=example,DC=com;
dSCorePropagationData: 0x0 = ( );
gidNumber: 1500;
givenName: Angelica;
homeDirectory: /home/abrown;
instanceType: 0x4 = ( WRITE );
loginShell: /bin/bash;
mail: abrown(a)example.com;
memberOf (9):
CN=allowedusers,OU=Groups,OU=example,DC=ad,DC=example,DC=com;
CN=testgroup,OU=Groups,OU=example,DC=ad,DC=example,DC=com;
CN=Services-All,OU=Groups,OU=example,DC=ad,DC=example,DC=com;
name: abrown;
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=ad,DC=example,DC=com;
objectClass (4): top; person; organizationalPerson; user;
objectGUID: 2d23b2f8-b7ad-4826-8129-d0da3d00dcb5;
objectSid: S-1-5-21-2899899129-3095396270-1135405818-1638;
primaryGroupID: 513 = ( GROUP_RID_USERS );
pwdLastSet: 4/2/2015 6:20:14 PM Eastern Daylight Time;
sAMAccountName: abrown;
sAMAccountType: 805306368 = ( NORMAL_USER_ACCOUNT );
sn: Brown;
uid: abrown;
uidNumber: 2000;
userAccountControl: 0x200 = ( NORMAL_ACCOUNT );
userPrincipalName: abrown(a)example.com;
uSNChanged: 81899;
uSNCreated: 29756;
whenChanged: 4/8/2015 1:35:06 PM Eastern Daylight Time;
whenCreated: 3/18/2015 5:49:51 PM Eastern Daylight Time;
------ Original Message ------
From: "Simo Sorce" <simo(a)redhat.com>
To: "End-user discussions about the System Security Services Daemon"
<sssd-users(a)lists.fedorahosted.org>
Cc: "Sterling Sahaydak" <sterling.sahaydak(a)pi-coral.com>
Sent: 4/9/2015 10:01:48 AM
Subject: Re: [SSSD-users] sssd - CentOS to Active Directory - no errmsg
set and returning 0 results
On Thu, 2015-04-09 at 14:45 +0100, John Hodrien wrote:
> On Thu, 9 Apr 2015, Sterling Sahaydak wrote:
>
> > If you take a look at the listing of the user section I posted,
>you'll see
> > 2nd to the last line:
> >
> > ...
> > sn = Brown
> > uid = abrown
> > userPrincipalName = abrown(a)example.com
> >
> > As to your 2nd statement, I'm using OpenLDAP in conjunction with AD
>and
> > using OpenLDAP proxy to AD, thereby needing in sssd to have
>access_provider
> > = ldap
>
> Fair enough.
>
> uid is not a uid, it's a username. What *UID* are you expecting SSSD
>to hand
> out without using id mapping?
Hi John, for clarity, you are asking:
What uidNumber are you expecting SSSD to resolve ?
Simo.
--
Simo Sorce * Red Hat, Inc * New York