On Thu, 2023-02-23 at 11:21 +0100, Alexey Tikhonov wrote:
> From a practical point of view, for 'auth_provider=krb5' & local
> users
> case we now tend to recommend using 'id_provider = proxy' with lib
> 'files'.
> 'Files provider' might be deprecated / removed upstream going
> forward.
Is there more information on this?
Most probably sssd-2.9 upstream release will have a build time ./configure option to enable/disable support of 'files provider'.
It's up to the downstream maintainer if they will keep it enabled.
My federation system provides an "passwd format" file that I'm loading
via
group_files=/etc/sssd_git/group
passwd_files=/etc/sssd_git/passwd
pwfield=*
Could you please check if `sssd-proxy` with `nss-altfiles` as a lib works for your case?