You can use ad for sudo_provider, but not for autofs - not yet :). BTW: the fix proposed earlier works indeed, specifying ldap_server explicitly disables SRV lookups. O. ________________________________ From: Andy Airey [airey.andy@gmail.com] Sent: Tuesday, December 01, 2015 6:08 PM To: End-user discussions about the System Security Services Daemon Subject: [SSSD-users]Re: How do I disable SRV lookup?
Yes, my sudo_provider and autofs_provider are set to ldap as you can see below.
Should I set it to ad? I use POSIX attributes for my users and groups and have the nisMap and sudo schema's published.
... id_provider = ad auth_provider = krb5 ldap_id_mapping = False access_provider = ad sudo_provider = ldap autofs_provider = ldap ...
Kind Regards,
Andy
On 24 November 2015 at 14:41, Jakub Hrozek <jhrozek@redhat.commailto:jhrozek@redhat.com> wrote: On Tue, Nov 24, 2015 at 01:17:18PM +0100, Andy Airey wrote:
Out of curiosity, what exactly is wrong with SRV lookups?
I did find some anomalies, like looking for SRV records in the correct _ldap._tcp.site.domain.comhttp://tcp.site.domain.com but still using servers from _ldap._ tcp.domain.comhttp://tcp.domain.com ...
This happens if one of the providers is set to something else than ad, right? (Typically sudo or autofs) _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.orgmailto:sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/admin/lists/sssd-users@lists.fedorahosted.org
-----
The information contained in this e-mail and in any attachments is confidential and is designated solely for the attention of the intended recipient(s). If you are not an intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or any part thereof. If you have received this e-mail in error, please notify the sender by return e-mail and delete all copies of this e-mail from your computer system(s). Please direct any additional queries to: communications@s3group.com. Thank You. Silicon and Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office: South County Business Park, Leopardstown, Dublin 18.