I need to authenticate users using two separate LDAP servers. I have configured SSSD with two domains, but only one seems to be working. I ran the command

authconfig --enablemkhomedir --enablesssd --enablesssdauth --updateall

and updated sssd.conf as follows:
[sssd]
domains = domain1, domain2
services = nss, pam
config_file_version = 2
[nss]
filter_groups = root
filter_users = root
[pam]
offline_credentials_expiration = 0
[domain/domain1]
auth_provider = ldap
id_provider = ldap
ldap_uri = ldaps://domain1
ldap_tls_reqcert = allow
[domain/domain2]
auth_provider = ldap
id_provider = ldap
ldap_uri = ldaps://domain2
ldap_tls_reqcert = allow
The results are that a user from domain2 (user2) is recognized but a user from domain1 (user1) is not found:
# id user2
uid=10(user2) gid=10(admin) groups=10(admin)
# id user1
id: 'user1': no such user
Any ideas to get domain1 working? That server/auth was working fine when we were back with nslcd.conf, but of course we couldn't use two servers with nslcd; only the first server defined would work. I'm a n00b when it comes to this stuff, and all the nscd, nslcd, nsswitch.conf, authconfig, etc. gets pretty confusing. I didn't notice any errors in /var/log/messages or the SSSD logs.
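An added example (not part of the question above, and not SSSD's own tooling): a small Python checker that parses an sssd.conf of the shape posted, confirms that every domain listed in [sssd] has a matching [domain/...] section with the provider keys SSSD needs, and flags the one security-relevant setting in the post, ldap_tls_reqcert = allow, which lets SSSD proceed over ldaps:// even when the server certificate fails verification (demand or hard, the default, is what actually enforces TLS identity). The harden_conf function returns the same configuration with that setting corrected; the ldap_tls_cacert path it inserts is a placeholder to adjust for the real CA bundle. The sample configuration is embedded as a constructed string so the script runs offline; it does not diagnose why user1 is not found, for which raising debug_level in the [domain/domain1] section and reading that domain's log is the usual next step.

```python
import configparser
import io
from typing import Dict, List

# Constructed sample: the sssd.conf from the question, embedded so this runs
# offline. In practice read /etc/sssd/sssd.conf (root-owned, mode 0600).
SAMPLE_CONF = """
[sssd]
domains = domain1, domain2
services = nss, pam
config_file_version = 2
[nss]
filter_groups = root
filter_users = root
[pam]
offline_credentials_expiration = 0
[domain/domain1]
auth_provider = ldap
id_provider = ldap
ldap_uri = ldaps://domain1
ldap_tls_reqcert = allow
[domain/domain2]
auth_provider = ldap
id_provider = ldap
ldap_uri = ldaps://domain2
ldap_tls_reqcert = allow
"""

# ldap_tls_reqcert values that continue after a failed (or skipped) server
# certificate check; "demand" and "hard" (SSSD's default) abort instead.
WEAK_REQCERT = {"never", "allow", "try"}
REQUIRED_KEYS = ("id_provider", "auth_provider", "ldap_uri")
PLACEHOLDER_CACERT = "/etc/openldap/cacerts/ca.crt"  # placeholder, not from the post


def parse_sssd_conf(text: str) -> configparser.ConfigParser:
    """Parse sssd.conf-style INI text; configparser lower-cases keys, which matches SSSD's."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    return cp


def check_sssd_conf(text: str) -> Dict[str, List[str]]:
    """Return a mapping of domain name -> list of findings (empty list means nothing flagged)."""
    cp = parse_sssd_conf(text)
    findings: Dict[str, List[str]] = {}
    listed = [d.strip() for d in cp.get("sssd", "domains", fallback="").split(",") if d.strip()]
    defined = {s[len("domain/"):] for s in cp.sections() if s.startswith("domain/")}

    for d in listed:
        issues = findings.setdefault(d, [])
        if d not in defined:
            issues.append("listed in [sssd] domains but no [domain/%s] section" % d)
            continue
        sec = cp["domain/" + d]
        for k in REQUIRED_KEYS:
            if k not in sec:
                issues.append("missing %s" % k)
        uri = sec.get("ldap_uri", "")
        reqcert = sec.get("ldap_tls_reqcert", "hard").lower()
        if uri.startswith("ldaps://") and reqcert in WEAK_REQCERT:
            issues.append("ldap_tls_reqcert = %s accepts an unverifiable server certificate; "
                          "use demand (or hard) and point ldap_tls_cacert at the CA" % reqcert)
        if "ldap_search_base" not in sec:
            issues.append("no ldap_search_base: SSSD must discover it from the server's rootDSE")

    # A [domain/...] section that is not listed in [sssd] domains is silently inactive.
    for d in sorted(defined - set(listed)):
        findings.setdefault(d, []).append("[domain/%s] defined but not listed in [sssd] domains" % d)
    return findings


def harden_conf(text: str) -> str:
    """Return the configuration with certificate verification enforced on every ldaps:// domain."""
    cp = parse_sssd_conf(text)
    for s in cp.sections():
        if s.startswith("domain/") and cp[s].get("ldap_uri", "").startswith("ldaps://"):
            cp[s]["ldap_tls_reqcert"] = "demand"
            if "ldap_tls_cacert" not in cp[s]:
                cp[s]["ldap_tls_cacert"] = PLACEHOLDER_CACERT
    buf = io.StringIO()
    cp.write(buf)
    return buf.getvalue()


if __name__ == "__main__":
    for domain, issues in check_sssd_conf(SAMPLE_CONF).items():
        for msg in issues:
            print("%s: %s" % (domain, msg))
    print(harden_conf(SAMPLE_CONF))
```

Run it against the real file with `sudo python3 check_sssd.py` after swapping SAMPLE_CONF for the contents of /etc/sssd/sssd.conf; the search-base finding is informational (SSSD can discover it), while the ldap_tls_reqcert finding is the one worth fixing before trusting either server for authentication.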