Hello All,

I would like to set up sssd on Centos6.
Previously I only connected servers to ldap using nslcd
Now I would like also to connect laptops using sssd.

To do this, I turned to this guide:
http://www.techrockdo.com/linux/cent...tion-with-sssd
So I ended up with this /etc/sssd/sssd.conf

[sssd]
config_file_version = 2
services = nss, pam
domains = LDAP

[nss]
filter_users = root,named,avahi,haldaemon,dbus,radiusd,news,nscd
[pam]

[domain/LDAP]
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
#access_provider = ldap


ldap_schema = rfc2307
ldap_uri = ldap://192.168.250.10
ldap_search_base = dc=xxxxxx,dc=xx
ldap_user_search_base = ou=xxxxxx,dc=xxxxx,dc=be
#ldap_group_search_base = ou=Groups,dc=xxxxx,dc=xx
enumerate = true
cache_credentials = true
ldap_tls_reqcert = never
#ldap_tls_cacertdir = /etc/openldap/cacerts

NOTE: ldap-server is reachable via openvpn ( 192.168.250.10 ) and we
don't have tls/ssl

I also edited the other files mentioned in the guide:
/etc/nsswitch.conf
/etc/pam.d/password-auth-ac
/etc/pam.d/system-auth-ac

So in the end, I am able to see user id en groups:

[root@centos-client ~]# id evervaet
uid=30407(evervaet) gid=100(users) groepen=100(users)

but that's about it. I'm unable to log in;
Permission denied

[root@centos-client ~]# ldapsearch -x -b "dc=xxx,dc=be"
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

Can anyone help me with this?

Thanks, Johan

You could try using authconfig .. it should work out of the box.

Maybe start with this example and adjust if required:

Hello Kbp,

thanks very much for the reply.
Apologies for not following up sooner.
I am going to test this now.

greetings, Johan