unfortunately i got a syntax error with this method "ldap_access_filter = host='HOSTNAME' " and sssd did not restart. i added the line ldap_user_authorized_host = host without success I have to admit that i do not have any idea where to look for the problem: - is it sssd? I have the version 1.12.2 - is it pam (something in /etc/pam.d) - is is ldap (etc/ldap.conf)? - is it /etc/nsswitch.conf? The auhtentication with username and password works. Only the host attribute is the problem. We have several opensuse boxes of different OS versions running, and ther it works very good. So i do not thing there is a problem on the ldap server. With kind regards, ulrich On 05/05/2015 03:43 PM, Kai Grunau wrote:> hi, > > On 05/05/2015 12:02 PM, Ulrich Hiller wrote: >> access_provider = ldap >> ldap_access_filter = memberOf=ou=YYYY,o=XXXX >> ldap_access_order = host >> > > > > try instead of "ldap_access_order = host" parameter > "ldap_access_filter = host='HOSTNAME' " to use > > regards, Kai > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > >
Ulrich Hiller wrote:> unfortunately i got a syntax error with this method "ldap_access_filter > = host='HOSTNAME' " and sssd did not restart. > i added the line > ldap_user_authorized_host = host > without success > > I have to admit that i do not have any idea where to look for the problem:<snip> google centos "ldap_access_filter" host and about the first hit is this thread, which may help you. <http://serverfault.com/questions/564255/sssd-ignoring-ldap-access-filter> mark
I already have seen this page, but it does not help me. But anyway, thanks a lot for your help. With kind regards, ulrich On 05/05/2015 05:47 PM, m.roth at 5-cent.us wrote:> Ulrich Hiller wrote: >> unfortunately i got a syntax error with this method "ldap_access_filter >> = host='HOSTNAME' " and sssd did not restart. >> i added the line >> ldap_user_authorized_host = host >> without success >> >> I have to admit that i do not have any idea where to look for the problem: > <snip> > google centos "ldap_access_filter" host > > and about the first hit is this thread, which may help you. > > <http://serverfault.com/questions/564255/sssd-ignoring-ldap-access-filter> > > mark > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > >