lynn wrote:
return only local users
I've never used 'sssd', and wondered if your problem had anything to do with settings in samba -- specifically those for winbind. I'm thinking that sssd doesn't use or care about winbind, but note -- winbind has params for enum users, enum groups, AND winbind **expand** groups. Expand groups controls the recursive expansion and defaults to '1' in samba. The enum controls also default to 'no'. You mention you turned on enumeration. In winbind, that usually means samba is allowed to return the list of "all users" or the list of "all group"... but doesn't control *expanding* those groups. I don't know if sssd has a similar parameter, but if you are using windows logins, are you sure you want sssd and not winbind? Second note -- you have access_provider = simple => meaning simple access list that does NOT enumerate. You also seem to be configuring ldap. Assuming you are using ldap, don't you want access_provider = ldap? Note -- I stress again --- I've never used sssd, so I really don't knowif either of the above are issues. Also note: getent only returns the given database's key-value. I don't see anything to indicate it can do anything other than that. I.e. if it DID expand things, then it wouldn't be returning the database key's value, which would seem to violate the documented behavior. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org