Questions tagged [sssd]

SSSD is a system daemon that provides access to remote identity and authentication resources through a common framework that can provide caching and offline support to the system.

SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms.

It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources as well as a D-Bus interface.

It is also the basis to provide client auditing and policy services for centralised identity management systems such as FreeIPA and Active Directory.

In addition, it provides a more robust database to store local users as well as extended user data.

67 questions

0 votes, 0 answers

Authenticate to Kafka from a different AD domain using keytab

Trying to authenticate between two different AD domains using a keytab, in order to read from a Kafka topic. So system A has AD domain A, a valid user/keytab in domain A etc, a valid sentry role, a Kafka topic, consumer group etc. System B is in AD…
Chompers

0 votes, 1 answer

Log in unsuccessful SSSD PAM LDAP

I have recently installed and set up sssd, pam and ldap on a host for connectivity to an LDAP server. However, it is failing. Here is a snippet from the SSSD logs: (Wed Feb 20 15:07:35 2019) [sssd[be[default]]] [fo_resolve_service_send] (0x0100):…
rehna

0 votes, 3 answers

SSSD on docker container (Ubuntu)

I am trying to integrate ubuntu docker container with FreeIPA and getting below error while installing FreeIPA-client --install Created /etc/ipa/default.conf New SSSD config will be created Configured sudoers in /etc/nsswitch.conf Configured…
Nuthan Kumar

0 votes, 2 answers

PHP running as apache user, isn't a member of any LDAP groups of which apache is a member

In short code executed by PHP as user apache, doesn't seem to have write access to groups which apache is a member of, that apache can write to on a shell. So I have a user apache on a production server. If I run id apache I see apache as a…
sibaz

0 votes, 1 answer

Single AD Forest - dev and prod environments

I have a single AD Forest (Azure AD Domain Services to be more specific) and I have two environments (dev and prod), which talk to it. Let's say the domain name is: example.com Imagine I have a VM in each environment with hostname: foo. Now I want…

0 votes, 2 answers

LDAP implementation

I want to implement centralized auth using AWS Simple AD (samba). The client machine is linux based (ubuntu and amazon linux). On my ldap, I just created one user (cn=test) under dc=ldap,dc=test,dc=io. I am using sssd as the auth client from my…
user3404621

0 votes, 1 answer

Freeipa SSH Pubkey + OTP without Password

Does anyone know how to configure a host connected to Freeipa so that 2FA passes by SSH PubKey + OTP, and not by password + OTP? My sshd_config includes: UsePAM yes ChallengeResponseAuthentication yes AuthenticationMethods…
Qudu Duqu

0 votes, 0 answers

Activate debugging mode for sssd service

I encountered a problem when I restarted sssd service: Stopping sssd: cat: /var/run/sssd.pid: No such file or directory [FAILED] Starting sssd: [FAILED] So I need to activate the debug mode to…
HISI

0 votes, 1 answer

FreeIPA-Client sssd.service warning/failure

This warning is while installing ipa-client in ubuntu. Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode Warning failed to create cache: usr.sbin.sssd Job for sssd.service failed because the control process exited…
Shann

0 votes, 1 answer

SSSD LDAP Setup for HDP

I am setting up SSSD for one of the HDP setups. While SSSD is trying to sync users and groups, I am getting the following error message (Tue Aug 29 07:58:12 2017) [sssd[be[LDAP]]] [sdap_save_user] (0x0020): User [ambari-qa] filtered out! (primary…
Mukund

0 votes, 1 answer

SSSD and LDAP: no uid provided for user

I have been trying to integrate sssd with LDAP. We use OUD in our environment. The user containing 12 characters in its uid can not connect to the server resulting in error in the log: no uid provided ... (Thu May 18 10:47:23 2017) [sssd[be[LDAP]]]…
Tina

0 votes, 1 answer

Core OS LDAP Integration

I want to integrate coreos with Open LDAP. I don't see documentation in coreos page. How to install libnss ldap package and proceed? Any one has the instructions?
Umapathy

0 votes, 2 answers

OpenLDAP Authentication filter

We're using openldap server with sssd for user authentication on centos and everything works fine. However, when we try to set up an access filter to restrict login to users of a certain group (linuxgroup) as there are a lot of other users in the…
Daniel

-1 votes, 0 answers

Configuring Sudo to use AD/LDAP password

Looking into the feasibility of configuring our VMs (RHEL 8) so users in the wheel group use their LDAP password to authenticate for Sudo. What I've done so far is configured sssd for LDAP authentication, and added this to sudoers: Defaults…

-1 votes, 0 answers

Translation shared object linux

I have an Active Directory server on Windows and a user-station on Linux. When it is time to change the user password, the user has to change it. But the help message in lightdm doesn't apply the system locale and shows the message in English. So I found shared object…