This is a change in both operating system and OpenLDAP software version. We have been testing the new servers for several months and do not expect any problems, but please inform help@eecs if you have any issues after the upgrade.
One enhancement is the addition of the memberOf overlay. This puts a new attribute (memberOf) in each person’s record to reflect LDAP groups they are members of, and is needed for some authorization situations.
Unix groups and automount maps are now also published in LDAP. Documentation is being prepared which will describe how to configure sssd on Unix/Linux machines to use these new OUs in LDAP instead of NIS.
[2017-08-15 19:43:50 | Rob McNicholas]
During the maintenance window, basic LDAP queries were working but authentication was not.
A “helper app” called saslauthd was not starting on the new LDAP servers. This is what allows LDAP to authenticate against passwords in our Windows Active Directory. Without this running, no passwords were being recognized. This was fixed around 7:30pm.
Resolved as of 2017-08-15 19:30:00