I've read that redhat's going to deprecate nslcd, and sssd is the future. So, I was following a video that shows how to setup IPA clients using authconfig-tui. Yes, I'm aware that it's been deprecated, but I still wanted to try it. In the video, the author completes the installation and has the IPA client use sssd. However, when I did the exact same steps, I found that my installation used nscld. Here's what I did:
- Set up local hostname resolution using /etc/hosts.
- Configured my network connection (ens33) to use the IP of the ipa-server as a DNS. Restarted NetworkManager and checked that the DNS was set to the new IP in
/etc/resolv.conf - Launched
authconfig-tuiand followed the on-screen instructions.
Now, my ipa server (installed using ipa-server-install) is running perfectly! However, on the client side, I had to install both nss-pam-ldapd and pam_krb5 packages when the authconfig-tui utility complained. Then, finally once the packages were installed, the authconfig-tui utility succeeded. I can connect to the ipa server from the client with nslcd. However, I want to use sssd, since the former's been deprecated.
When I tried to start the sssd service, it complained that there wasn't a config for it in /etc/sssd/sssd.conf. So, I copied one from /usr/lib64/sssd/conf/sssd.conf. Then I changed it's permissions to 600 so that only user root can read/write it, as demanded by the manual. Now sssd starts, and works! However, authconfig-tui still tries to use nslcd - even if nscld service is disabled, it'll enable it and start it, even though sssd is available. How do I fix this?
