On 30/04/2015 17:09, Yingbo Li wrote: > It looks like binddn and bindpw should be set. It seems that IT LDAP server > request for binddn and bindpw for getent operation. In my local test env, > ldap server did request binddn and bindpw from ladp client getent operation. > It works. > But Howard Chu said in OpenLDAP, ldap.conf file cannot set binddn and bindpw. > Ldapsearch I can use -D -w to set binddn and bindpw. What else can I do to > make getent work?
ldap.conf doesn't come into it. You need to tell sssd how to bind to your LDAP server. Use the following three directives in sssd.conf within your [domain/default] section: ldap_default_bind_dn = <dn to bind as> ldap_default_authtok_type = password ldap_default_authtok = <dn password> Look at the man page for sssd.conf for more information about these. -- Liam Gretton [email protected] Systems Specialist http://www.le.ac.uk/its/ IT Services Tel: +44 (0)116 2522254 University Of Leicester, University Road Leicestershire LE1 7RH, United Kingdom
