Hello,
I would like to change the search-filter for sssd because I created my own Group-Objectclass, but if I do a "getent group" I will not see my own group. My sssd.conf looks like this: ------------------ [sssd] config_file_version = 2 services = nss, pam domains = LDAP
[domain/LDAP] ldap_schema=rfc2307 ldap_uri = ldap://ldapserver.example.net:389 ldap_search_base=dc=example,dc=net ldap_default_bind_dn=uid=sssd-user,ou=users,dc=example,dc=net ldap_default_authtok=geheim id_provider=ldap auth_provider=ldap chpass_provider = ldap ldap_chpass_uri = ldap://ldapmaster.example.net:389 cache_credentials = True enumerate = true ldap_tls_cacertdir = /etc/ssl/zertifikate/demoCA ldap_tls_cacert = /etc/ssl/zertifikate/demoCA/cacert.pem ------------------
Everytime I do a "getent group" I see the following lines inside the log: ------------------ Nov 02 13:10:47 ldapserver slapd[2007]: conn=1044 op=1 BIND dn="uid=sssd-user,ou=users,dc=example,dc=net" mech=SIMPLE ssf=0 Nov 02 13:10:47 ldapserver slapd[2007]: conn=1044 op=1 RESULT tag=97 err=0 text=
Nov 02 13:10:47 ldapserver slapd[2007]: conn=1044 op=2 SRCH base="dc=example,dc=net" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=*)(uidNumber=*)(gidNumber=*))" ------------------- Is it possible to change the Filter: (&(objectClass=posixAccount)(uid=*)(uidNumber=*)(gidNumber=*))
If "yes" how can I do this? I read to many howtos but I could not find a solution.
Thanks for your help
Stefan --
sssd-users@lists.fedorahosted.org