On Mon, Dec 01, 2014 at 10:00:59AM -0800, Octavian Afilipoai wrote:
I'm using the 2307 schema on the server. The sssd config is fairly straightforward:
[domain/default] #cache_credentials = True ldap_search_base = dc=myexample,dc=com id_provider = ldap auth_provider = ldap chpass_provider = ldap ldap_uri = ldaps://server_url/ tls_reqcert = demand ldap_tls_cacertdir = /etc/openldap/cacerts ldap_default_bind_dn = xxxxxxx ldap_default_authtok_type = password ldap_default_authtok = xxxxxxx
[sssd] services = nss, pam config_file_version = 2
domains = default
[nss] #filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd
I found this ticket which reports a similar problem, but, according to the comments it should be fixed for one of the versions I'm using (1.11.6): https://fedorahosted.org/sssd/ticket/1020
Sorry it took me so long to reply. Does the functionality work if you add: ldap_rfc2307_fallback_to_local_users = True
to the [domain/default] section and restart the SSSD ?