search for: auxaccount

Dear all, i have a problem with sssd in conjunction with ldap on a centos 7 x86_64 box. ldap works fine. I can login there as an usual user registred in ldap. I want now restrict the access with ldap's host attribute. This is beeing ignored. Still every ldap user can login, no matter what the host attribute says. I googled around and only found that sssd.conf need two lines: access_provider

...splus The ldap attributes of the user who can login, but should not: -------------------------------------------------------------- dn: uid=USER1,ou=XXXX,o=YYYY accountStatus: active objectClass: posixAccount objectClass: top objectClass: inetOrgPerson objectClass: shadowAccount objectClass: ibm-auxAccount objectClass: qmailUser objectClass: sambaSamAccount uid: USER1 uidNumber: **** shadowFlag: 0 shadowInactive: -1 gidNumber: *** shadowMin: -1 shadowMax: 999999 homeDirectory: /home/USER1 sn: USER1 mail: USER1 at my.doma.in mailHost: lmtp:unix:/var/lib/imap/socket/lmtp shadowWarning: 7 sambaSID: ****...