Rechercher
SupportConsoleDéveloppeursCommencer un essaiContact

Chapitre 6. SSSD client-side view

download PDF

SSSD provides the sss_override utility, which allows you to create a local view that displays values for POSIX user or group attributes that are specific to your local machine. You can configure overrides for all id_provider values, except ipa.

If you are using the ipa provider, define ID views centrally in IPA. For more information, see Using an ID view to override a user attribute value on an IdM client.

For information about a potential negative impact on the SSSD performance, see Potential negative impact of ID views on SSSD performance.

6.1. Overriding the LDAP username attribute

As an administrator, you can configure an existing host to use accounts from LDAP. However, the values for a user (name, UID, GID, home directory, shell) in LDAP are different from the values on the local system. You can override the LDAP username attribute by defining a secondary username with the following procedure.

Conditions préalables

  • root access
  • Installed sssd-tools

Procédure

  1. Display the current information for the user: 

    # id username

    Replace username with the name of the user.

  2. Add the secondary username: 

    # sss_override user-add username -n secondary-username

    Replace username with the name of the user and replace secondary-username with the new username.

  3. After creating the first override using the sss_override user-add command, restart SSSD for the changes to take effect: 

    # systemctl restart sssd

Verification steps

  • Verify that the new username is added: 

    # id secondary-username

  • Optional. Display the overrides for the user: 

    # sss_override user-show user-name
user@ldap.example.com:secondary-username::::::

    Exemple 6.1. Defining a secondary username

    To add a secondary username sarah for the user sjones:

    1. Display the current information for the user sjones: 

      # id sjones
uid=1001(sjones) gid=6003 groups=6003,10(wheel)

    2. Add the secondary username: 

      # sss_override user-add sjones -n sarah

    3. Verify that the new username has been added and overrides for the user display correctly: 

      # id sarah
uid=1001(sjones) gid=6003(sjones) groups=6003(sjones),10(wheel)

# sss_override user-show sjones
user@ldap.example.com:sarah::::::

Ressources supplémentaires

  • sss_override man page
Red Hat logoGithubRedditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez leBlog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

© 2024 Red Hat, Inc.