Learn more about these different git repos.
Other Git URLs
i am trying to specify asterisk(*) as a value for ldap_group_object_class but sssd escapes this symbol as \2a.
That's by desing, we don't really support saying "any" with the OC parameter.
What usecase are you trying to solve? Maybe we could help you find some better solution.
we use ldap sever (neither openldap nor AD) with a schema not fully corresponding to the one supported in sssd.
an account is described as uid=$user,cn=domain (objectclass=myUser). it contains uidNumber and gidNumber and other attributes.
a group is described as uid=$group,cn=domain (objectclass=myGroup). it contains gidNumber and other attributes.
to fully use posix acl in modern linux private user group should be created. usually its name should be equal to the user name.
we want sssd to get name of private user group as user account name. in other words to search groups using objectclass=myUser OR objectclass=myGroup :
[(&(uid=groupname)(objectclass=)(uid=)(&(gidNumber=*)(!(gidNumber=0))))][cn=domain]
_comment0: we use ldap sever (neither openldap nor AD) with a schema not fully corresponding to the one supported in sssd.
[(&(uid=username)(objectclass=)(uid=)(&(gidNumber=*)(!(gidNumber=0))))][cn=domain] => 1366892708760973
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.12 beta rhbz: => todo
changelog: => mark: => 0 priority: major => trivial sensitive: => 0
User private groups are tracked in #1872, closing as a duplicate
resolution: => duplicate status: new => closed
rhbz: todo => 0
Metadata Update from @aigoshin: - Issue set to the milestone: SSSD 1.14 beta
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2937
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.