Hi Jakub
Yes, I can also include that.
The configuration I was showing was a simple one, mainly I focused on
the library set as it is usually the most problematic part in old
distributions, but I will also include your comment as indeed makes more
sense.
As I was suggesting in the post, sssd is flexible enough admit multiple
configurations, once you get a working one you can work on improving it.
(Also I wanted to write that asap before I forget any important detail)
Your comment is very much appreciated and I will update accordingly
Thanks
On 30/03/2015 01:16, Jakub Hrozek wrote:
On Mon, Mar 30, 2015 at 05:36:00AM +0100, [email protected] wrote:
Hey Guys
Not sure if I am missing any bit.... but this was the thing in the end:
http://generations.menteyarte.org/archives/195-freeipa-server-and-SSSD-on-Ubuntu.html
I managed to have it working and I have documented all those nasty bits
which might save people's time. The whole weekend gone but for the less has
been productive.
I am including the SUDO bit which is usually a pain in my experience..
Thanks
Thank you very much for documenting this, but wouldn't it be better to
use id_provider=ipa instead?
Then the configuration would be simpler, less error prone and would
authenticate more securely. You don't need to run ipa-client-install on
the box, you can generate the client keytab elsewhere and transfer it to
the client.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
