I am using sssd to authenticate and identify users from AD using Kerberos and LDAP, however, I have to add auth/session/account sufficient pam-sss.so to /etc/pam.d/common-* files even if I check SSS authentication in pam-auth-update. Is this a bug in the package or am I missing some crucial step?
Asked
Active
Viewed 1,001 times
0
Kimvais
- 315
- 3
- 17
1 Answers
0
This sounds to me like you are on a Redhat based distro. I usually work with Debian based distros, where pam-auth-update does automatically configure the relevant files, and this e.g. adds a session optional pam_sss.so line. So I would say this sounds a little suspect.
However, sssd originates from the Redhat project, and I would be surprised if they had got it that wrong. Can you post some more details, please, like the distro and version you are using?
wolfgangsz
- 8,847
- 3
- 30
- 34
-
This is debian squeeze. – Kimvais May 18 '11 at 12:34
-
Actually, this is a follow-up to your answer at http://serverfault.com/questions/268880/debian-6-0-ad-integration/268958#268958 – Kimvais May 18 '11 at 12:36