Thanks Michael!
No, we do not have uidNumber-based ACLs only DN based.
I will remove the uidNumber.
Thanks
Doug
Thanks,
Douglas Duckworth, MSc, LFCS
HPC System Administrator
Scientific Computing Unit
Physiology and Biophysics
Weill Cornell Medicine
E: doug(a)med.cornell.edu
O: 212-746-6305
F: 212-746-8690
On Wed, Oct 25, 2017 at 9:55 AM, Michael Ströder <michael(a)stroeder.com>
wrote:
> Douglas Duckworth wrote:
> > Do I need uidNumber for Service Accounts used for application / server
> > binding if this user won't actually be resolved by sssd or nslcd?
>
> In general if your client only binds to the LDAP server it doesn't need
> 'uidNumber' attribute. It just needs a bind-DN and a password in its
> config. I assume though that your LDAP server does not have ACLs based
> uidNumber-based filter affecting your client.
>
> And I don't know whether something else in your deployment needs it.
> This only you can find out.
>
> Ciao, Michael.
>
>