Hi, this is my first post to this group, I hope someone can help me.
I'm interested to map ID mapping and authentication from a LDAP Server
in a CentOS 6.5 box.
The LDAP Server (running IBM TDS afaik) is managed by a third party
provider, so I just can make queries but not modifications.
I noted that there's no posixAccount objectClass in LDAP users, so I
wonder, How can I integrate those users using SSSD? This is an example
of my domain:
[
domain/custom.domain.com]
id_provider = ldap
auth_providers = ldap
chpass_provider = ldap
ldap_uri =
ldaps://directory.domain.com
ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt
#ldap_search_base = ""
ldap_id_use_start_tls = true
cache_credentials = false
enumerate = false
use_fully_qualified_names = false
#ldap_user_name = notesShortName
As you can see, I tried to use "ldap_user_name" but without luck. I'm
concerned about entries that don't exist on the LDAP server like
homeDirectory or loginShell. Can SSSD deal with those attributes not
present?
I like to use just the credentials (user authentication) from the LDAP
server to get my users logged in my linux box.
I hope someone understand this scenario and can be able to help me.
Thanks in advance.