Thanks Michael!
No, we do not have uidNumber-based ACLs only DN based.
I will remove the uidNumber.
Thanks Doug
Thanks,
Douglas Duckworth, MSc, LFCS HPC System Administrator Scientific Computing Unit Physiology and Biophysics Weill Cornell Medicine E: doug@med.cornell.edu O: 212-746-6305 F: 212-746-8690
On Wed, Oct 25, 2017 at 9:55 AM, Michael Ströder michael@stroeder.com wrote:
Douglas Duckworth wrote:
Do I need uidNumber for Service Accounts used for application / server binding if this user won't actually be resolved by sssd or nslcd?
In general if your client only binds to the LDAP server it doesn't need 'uidNumber' attribute. It just needs a bind-DN and a password in its config. I assume though that your LDAP server does not have ACLs based uidNumber-based filter affecting your client.
And I don't know whether something else in your deployment needs it. This only you can find out.
Ciao, Michael.
openldap-technical@openldap.org