Re: [Freeipa-users] ldap.conf
On Wed, Apr 12, 2017 at 09:47:06AM +0200, Jakub Hrozek wrote: > You can drop this line as well, it's the default for the AD provider. s/AD/IPA/ -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] ldap.conf
On Wed, Apr 12, 2017 at 09:30:38AM +0200, Christoph Kaminski wrote: > Hi > > are the files /etc/ldap.conf and /etc/openldap/ldap.conf for ipa client > and/or server systeme necessary? What is the function of them? They configure the openldap library. If you have an application (like ldapsearch) that links against libldap, it reads the config from these files. That's the same as libkrb5 and /etc/krb5.conf btw. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] ldap.conf
On Wed, Apr 12, 2017 at 09:34:59AM +0200, Christoph Kaminski wrote: > Hi > > is this ok as config for sssd on centos 7 AND 6? > > [domain/hso] > cache_credentials = True > krb5_store_password_if_offline = True > id_provider = ipa > ldap_tls_cacert = /etc/ipa/ca.crt You can drop this line as well, it's the default for the AD provider. > > [sssd] > services = nss, pam, ssh, sudo, autofs > config_file_version = 2 > domains = hso > > [nss] > > [pam] > > [sudo] > > [autofs] > > [ssh] > > I mean it works but would I get any problems with it? No, the configs are supposed to be minimal. You can even drop the empty service sections like [nss]. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] ldap.conf
Hi is this ok as config for sssd on centos 7 AND 6? [domain/hso] cache_credentials = True krb5_store_password_if_offline = True id_provider = ipa ldap_tls_cacert = /etc/ipa/ca.crt [sssd] services = nss, pam, ssh, sudo, autofs config_file_version = 2 domains = hso [nss] [pam] [sudo] [autofs] [ssh] I mean it works but would I get any problems with it? Greetz Christoph Kaminski -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] ldap.conf
Hi are the files /etc/ldap.conf and /etc/openldap/ldap.conf for ipa client and/or server systeme necessary? What is the function of them? Greetz Christoph Kaminski -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project