[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: user removed from ldap group but Linux groups command still shows user as member of the group

To: Bernard Fay <bernard.fay@gmail.com>
Subject: Re: user removed from ldap group but Linux groups command still shows user as member of the group
From: Michael Wandel <m.wandel@t-online.de>
Date: Fri, 24 Feb 2017 17:36:43 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <CAH3AE4ZVDoZzdaQgkA+r3JQti9m4Wf7LdesTLvFdDDPTeCLn7g@mail.gmail.com>
References: <CAH3AE4b16BtcjR+G0Yk7s-AERFfVkCvgY4FCv77i+xEy5JQLow@mail.gmail.com> <aca87856-9608-91c3-f41c-141ae648529d@t-online.de> <CAH3AE4ZMdmbHyZms5tXAi029vthz3S1q0rozD3rCmVw1_dAhMQ@mail.gmail.com> <0e592568-858a-6b02-568e-9596e90a336e@stroeder.com> <CAH3AE4aitEYsS6_zdHrBf8c3ZwD-+aWU2mTDmP4G6xDOXpbe6Q@mail.gmail.com> <ff154457-9ded-ac7a-3981-4a42ed388b1e@t-online.de> <CAH3AE4ZVDoZzdaQgkA+r3JQti9m4Wf7LdesTLvFdDDPTeCLn7g@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0

On 24.02.2017 16:21, Bernard Fay wrote:
> 
> On Fri, Feb 24, 2017 at 10:07 AM, Michael Wandel <m.wandel@t-online.de
> <mailto:m.wandel@t-online.de>> wrote:
> 
>     On 24.02.2017 16 <tel:24.02.2017%2016>:02, Bernard Fay wrote:
>     > sssd is not running and even removed.  At beginning we thought of using
>     > it as it is the recommended way to go. But sssd requires the use of a
>     > secured LDAP which we do not use as this LDAP is confined in a lab. We
>     > use nscd.
> 
>     This ist not correct, sssd need this only for the authprovider , the
>     idprovider can be used with plain ldap.
> 
>     best regards
> 
> 
> 
> I do not understand what is not correct in this.  The man page of
> sssd-ldap is clear about it.
> 
> 
IMHO it is better to use for this question the sssd mailing list or per pm.


best regards

michael
> 
>  
> 
>     Michael
>     >
>     >
>     >
>     > On Fri, Feb 24, 2017 at 9:56 AM, Michael Ströder <michael@stroeder.com <mailto:michael@stroeder.com>
>     > <mailto:michael@stroeder.com <mailto:michael@stroeder.com>>> wrote:
>     >
>     >     Bernard Fay wrote:
>     >     > passwd:     files sss ldap
>     >     > shadow:     files sss ldap
>     >     > group:      files sss ldap
>     >
>     >     This mix makes no sense at all. Either you use nss_sss to query sssd
>     >     (which has its own
>     >     cache in /var/lib/sss/db) or you use nss_ldap (direct or via
>     >     nss-pam-ldapd).
>     >
>     >     Decide which components you really want to use and clean your config
>     >     before going any
>     >     further.
>     >
>     >     Ciao, Michael.
>     >
>     >
> 
> 
> 


-- 
Michael Wandel
Braakstraße 43
33647 Bielefeld

References:
- user removed from ldap group but Linux groups command still shows user as member of the group
  - From: Bernard Fay <bernard.fay@gmail.com>
- Re: user removed from ldap group but Linux groups command still shows user as member of the group
  - From: Michael Wandel <m.wandel@t-online.de>
- Re: user removed from ldap group but Linux groups command still shows user as member of the group
  - From: Bernard Fay <bernard.fay@gmail.com>
- Re: user removed from ldap group but Linux groups command still shows user as member of the group
  - From: Michael Ströder <michael@stroeder.com>
- Re: user removed from ldap group but Linux groups command still shows user as member of the group
  - From: Bernard Fay <bernard.fay@gmail.com>
- Re: user removed from ldap group but Linux groups command still shows user as member of the group
  - From: Michael Wandel <m.wandel@t-online.de>
- Re: user removed from ldap group but Linux groups command still shows user as member of the group
  - From: Bernard Fay <bernard.fay@gmail.com>

Prev by Date: Re: user removed from ldap group but Linux groups command still shows user as member of the group
Next by Date: Re: user removed from ldap group but Linux groups command still shows user as member of the group
Index(es):
- Chronological
- Thread