[gpfsug-discuss] Question concerning integration of CES with AD authentication system
Skylar Thompson
skylar2 at uw.edu
Thu May 24 15:16:32 BST 2018
I haven't needed to change the LDAP attributes that CES uses, but I do see
--user-id-attrib in the mmuserauth documentation. Unfortunately, I don't
see an equivalent one for gidNumber.
On Thu, May 24, 2018 at 08:45:00AM +0000, Dorigo Alvise (PSI) wrote:
> Dear members,
> at PSI I'm trying to integrate the CES service with our AD authentication system.
>
> My understanding, after talking to expert people here, is that I should use the RFC2307 model for ID mapping (described here: https://goo.gl/XvqHDH). The problem is that our ID schema is slightly different than that one described in RFC2307. In the RFC the relevant user identification fields are named "uidNumber" and "gidNumber". But in our AD database schema we have:
>
> # egrep 'uid_number|gid_number' /etc/sssd/sssd.conf
> ldap_user_uid_number = msSFU30UidNumber
> ldap_user_gid_number = msSFU30GidNumber
> ldap_group_gid_number = msSFU30GidNumber
>
> My question is: is it possible to configure CES to look for the custom field labels (those ones listed above) instead the default ones officially described in rfc2307 ?
>
> many thanks.
> Regards,
>
> Alvise Dorigo
> _______________________________________________
> gpfsug-discuss mailing list
> gpfsug-discuss at spectrumscale.org
> http://gpfsug.org/mailman/listinfo/gpfsug-discuss
--
-- Skylar Thompson (skylar2 at u.washington.edu)
-- Genome Sciences Department, System Administrator
-- Foege Building S046, (206)-685-7354
-- University of Washington School of Medicine
More information about the gpfsug-discuss
mailing list