What you may want to do is start limiting the search base for users and groups if you want to limit visibility.  I proposed an RFE to make this easier in SSSD, but it is not something that has much focus at this point.


On 05/26/2017 02:47 PM, Ali, Saqib wrote:

We are using SSSD for authentication using LDAP. And I filter the user access using simple_allow_groups as follows:

access_provider = simple
simple_allow_groups = Computer Admins

Is it possible to get a list of ONLY allowed users using getent?

There is an option enumeration, but this lists all users.

I am only interested in the allowed users.



_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org