[SSSD-users] sssd and netgroups

25 Jul 2012

      Hi there,
I am new to sssd. I have setup a CentOS sssd (1.8.0) and
LDAP authentication. The LDAP stuff seems to work. I want
to restrict logins to users of certain netgroups. Usually
we do this with "compat" in /etc/nsswitch.conf and entries
like "+@groupname" in /etc/passwd.
Does this mechanism work with sssd? Right now I have:
passwd:     files sss
shadow:     files sss
group:      files sss
and it seems that all users from the users LDAP subtree could
login, "getent passwd" shows all LDAP users.
If I change this to
passwd:     compat
shadow:     compat
group:      compat
passwd_compat:  sss
group_compat:   sss
"getent passwd" only shows local users from the passwd file.
Thanks for any help,
  Olaf
-- 
Olaf Gellert                          email  gellert@dkrz.de
Deutsches Klimarechenzentrum GmbH     phone  +49 (0)40 460094 214
Bundesstrasse 45a                     fax    +49 (0)40 460094 270
D-20146 Hamburg, Germany              www    http://www.dkrz.de

Sitz der Gesellschaft: Hamburg
Geschäftsführer: Prof. Dr. Thomas Ludwig
Registergericht: Amtsgericht Hamburg, HRB 39784

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

[SSSD-users] sssd and netgroups