Re[2]: Map subjectSid to higher number
[Date Prev][Date Next] [Thread Prev][Thread Next]Re[2]: Map subjectSid to higher number
- From: Max Mustermann <3c2b2ff5 [at] inbox.ru>
- To: Arthur de Jong <arthur [at] arthurdejong.org>
- Cc: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Reply-to: Max Mustermann <3c2b2ff5 [at] inbox.ru>
- Subject: Re[2]: Map subjectSid to higher number
- Date: Mon, 07 Oct 2019 00:49:15 +0300
Perfect. Thanks a lot. I missed that in man (5) nslcd.conf
Sunday, October 6, 2019 1:06 PM +02:00 from Arthur de Jong <arthur@arthurdejong.org>:
On Wed, 2019-10-02 at 15:01 +0300, Max Mustermann wrote:
> AD Users could have SubjectSid in lower range 1000-3000, which may
> cause a conflict with local users.
> Is there a way to map these values to higher numbers? So for instance
> if the mapped SubjectSid for uidNumber
> and gidNumber is 1008 could it be mapped to something like 101008,
> just to avoid conflicts if the uidNumber is already taken?
You should be able to use nss_uid_offset option to change values found
in the directory to local values. This should also work correctly in
combination with the objectSid mapping.
Hope this helps,
--
-- arthur - arthur [at] arthurdejong.org - https://arthurdejong.org/ --
Best regards,
Max Mustermann
3c2b2ff5@inbox.ru
- Map subjectSid to higher number,
Max Mustermann
- Re: Map subjectSid to higher number,
Arthur de Jong
- Re[2]: Map subjectSid to higher number, Max Mustermann
- Re: Map subjectSid to higher number,
Arthur de Jong
- Prev by Date: Re: Map subjectSid to higher number
- Next by Date: pam_authz_search being ignored
- Previous by thread: Re: Map subjectSid to higher number
- Next by thread: pam_authz_search being ignored