ldap authentication problems
David L
idht4n at gmail.com
Tue May 11 15:43:44 UTC 2010
On Mon, May 10, 2010 at 6:42 PM, Gordon Messmer wrote:
> On 05/10/2010 12:27 PM, David L wrote:
>>
>> When I upgrade between fedora releases, I usually
>> install with only local users, then run system-config-authentication
>> and select "Enable LDAP support" on the "User Information" tab
>> and on the "Authentication" tab and then click "OK". Then I just
>> copy the old /etc/ldap.conf from the previous release over the
>> one in /etc on the new release.
>
> If you want to continue to do that, you'll need to replace
> /etc/nsswitch.conf with a version configured to use "ldap" instead of
> "sssd". I believe that if you replace both ldap.conf and nsswitch.conf,
> the system will function as it used to.
I think I already have done that... my nsswitch.conf looks like this:
passwd: files ldap
shadow: files ldap
group: files ldap
hosts: files dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: files ldap
publickey: nisplus
automount: files ldap
aliases: files nisplus
>
> sssd does have some compelling features, so you might want to invest a
> few minutes into migrating the settings from your old ldap.conf to
> /etc/sssd/sssd.conf. Your LDAP directory looks a lot like Active
> Directory, so you'll probably use a lot of the settings which are
> present in the default sssd.conf, but commented out.
Ok, thanks... I'll try that.
David
More information about the test
mailing list