On Wed, Feb 20, 2013 at 08:23:04AM +0100, Michael Ströder wrote:
Pavel Březina wrote:
>> But I'm struggling that groups are not correctly retrieved - see my last
>> attempt of sssd.conf attached.
>>
>> 1. After login id does not show the user's groups although the OpenLDAP
logs
>> show that group entries are searched and returned to sssd by OpenLDAP's
slapd.
>
> can you raise debug level in nss, sudo and domain section to 9 (put
> debug_level = 9 in [nss], [sudo] and [domain/yourdomain] sections in
> sssd.conf? What does the logs say?
It turned out to be a bug in our own Debian package.
The lib memberof.so was not found.
Now I'm still working on getting sudoers to work via sssd. But that's another
story...
Glad the issue was resolved! Feel free to ping this list again if you
can't get the sudo integration working. Please note you need relatively
recent sudo built with the --with-sssd (not sure if Debian would do that
even in -unstable/-testing)