Hi SSSD list!
Connecting Linux hosts to Active Directory using sssd via
id_provider=ldap and auth_provider=krb5 needs in our case an
authenticated ldap access. Until now the option is (as far as I know) to
put username and password of an AD user in the sssd.conf to get
authenticated access.
Can you think of a way to leverage the credentials of an user that does
a logon to the system anyways and that are cached for offline usage for
authenticated ldap access?
Or could it be possible to store the ldap access user and password in
the cache that stores credentials for offline users to avoid plain text
passwords in the sssd.conf?
Are there reasons to avoid the offline cache for such an approach?
Is there another way to avoid plain text passwords in config files for sssd?
Thanks in advance for any answers...
Gruesse
Michael
Show replies by date