Hello All,
I would like to set up sssd on CentOS 6.
Previously I only connected servers to LDAP using nslcd.
Now I would also like to connect laptops using sssd.
To do this, I turned to this guide:
http://www.techrockdo.com/linux/cent...tion-with-sssd
So I ended up with this /etc/sssd/sssd.conf:
[sssd]
config_file_version = 2
services = nss, pam
domains = LDAP
[nss]
filter_users = root,named,avahi,haldaemon,dbus,radiusd,news,nscd
[pam]
[domain/LDAP]
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
#access_provider = ldap
ldap_schema = rfc2307
ldap_uri = ldap://192.168.250.10
ldap_search_base = dc=xxxxxx,dc=xx
ldap_user_search_base = ou=xxxxxx,dc=xxxxx,dc=be
#ldap_group_search_base = ou=Groups,dc=xxxxx,dc=xx
enumerate = true
cache_credentials = true
ldap_tls_reqcert = never
#ldap_tls_cacertdir = /etc/openldap/cacerts
NOTE: the LDAP server is reachable via OpenVPN (192.168.250.10) and we
don't have TLS/SSL.
I also edited the other files mentioned in the guide:
/etc/nsswitch.conf
/etc/pam.d/password-auth-ac
/etc/pam.d/system-auth-ac
So in the end, I am able to see user ID and groups:
[root@centos-client ~]# id evervaet
uid=30407(evervaet) gid=100(users) groepen=100(users)
But that's about it. I'm unable to log in:
Permission denied
[root@centos-client ~]# ldapsearch -x -b "dc=xxx,dc=be"
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Can anyone help me with this?
Thanks, Johan
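
A check for the LDAP transport settings in an sssd.conf like the one posted above, added here as an example and not part of the original post. It relies on the sssd-ldap documentation, which states that SSSD does not authenticate over an unencrypted channel (TLS/SSL or LDAPS is required); the function name, finding codes and the sample base DN are made up for the illustration.

```python
import configparser

# Constructed sample modelled on the posted file (base DN is a placeholder).
SAMPLE = """\
[sssd]
config_file_version = 2
services = nss, pam
domains = LDAP
[pam]
[domain/LDAP]
id_provider = ldap
auth_provider = ldap
ldap_uri = ldap://192.168.250.10
ldap_search_base = dc=example,dc=com
ldap_tls_reqcert = never
#ldap_tls_cacertdir = /etc/openldap/cacerts
"""

def audit_sssd_conf(text):
    """Return sorted (section, code) findings for LDAP transport settings."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    findings = set()
    for section in cp.sections():
        if not section.startswith("domain/"):
            continue
        dom = cp[section]
        id_prov = dom.get("id_provider", "").strip().lower()
        # auth_provider falls back to id_provider when it is not set
        auth = dom.get("auth_provider", id_prov).strip().lower()
        uris = [u.strip().lower() for u in dom.get("ldap_uri", "").split(",")]
        plain = any(u.startswith("ldap://") for u in uris)
        starttls = dom.get("ldap_id_use_start_tls", "false").strip().lower() == "true"
        reqcert = dom.get("ldap_tls_reqcert", "hard").strip().lower()
        if plain and auth == "ldap":
            # SSSD will not send a password in clear text, so the server
            # behind an ldap:// URI has to offer StartTLS for logins to work.
            findings.add((section, "AUTH_NEEDS_STARTTLS_OR_LDAPS"))
        if plain and id_prov == "ldap" and not starttls:
            findings.add((section, "ID_LOOKUPS_CLEARTEXT"))
        if reqcert in ("never", "allow"):
            # The server certificate is not validated, so TLS gives no
            # assurance about which server the client is talking to.
            findings.add((section, "SERVER_CERT_NOT_VERIFIED"))
    return sorted(findings)

if __name__ == "__main__":
    for section, code in audit_sssd_conf(SAMPLE):
        print(section, code)
```

On the sample it reports all three findings, which matches the symptom in the post: identity lookups (id) succeed over the plain connection while password authentication is refused.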