Dies ist eine alte Version des Dokuments!
Serverseitig wird die selbe Konfiguration benötigt wie bei nss-ldap
Pakete:
sssd sssd-tools
nscd
entfernencp /usr/share/doc/sssd/examples/sssd-example.conf /etc/sssd/sssd.conf
/etc/sssd/sssd.conf
:
[sssd] config_file_version = 2 services = nss, pam domains = LDAP [nss] [pam] [domain/LDAP] id_provider = ldap auth_provider = ldap ldap_schema = rfc2307 ldap_uri = ldap://vm1.example.com ldap_search_base = dc=example,dc=com cache_credentials = true
/etc/nsswitch.conf
:
passwd: files sss group: files sss shadow: files sss netgroup: nis sss
pam-auth-update
→
/etc/pam.d/common-account
:
account [default=bad success=ok user_unknown=ignore] pam_sss.so
/etc/pam.d/common-auth
:
auth [success=1 default=ignore] pam_sss.so use_first_pass
/etc/pam.d/common-password
:
password sufficient pam_sss.so
/etc/pam.d/common-session
:
session optional pam_sss.so