On Wed, Jun 04, 2014 at 11:54:39PM +0100, Robert Zmijan wrote: > > On 06/04/2014 04:13 PM, Robert Zmijan wrote: > >>> On Wed, 2014-06-04 at 18:15 +0100, Robert Zmijan wrote: > >>>> Hi > >>>> > >>>> I want to setup sssd to use ldap_default_bind_dn and > >>>> ldap_default_authok. currently I have in my sssd.conf > >>>> ldap_default_bind_dn = cn=sssd,ou=services,dc=myhost,dc=net > >>>> ldap_default_authok = mypassword I understand that I would > >>>> have to put 'mypassword' in ldap under the name of 'sssd' > >>>> the problem I'm facing is that when i type: sss_obfuscate I > >>>> get this: > >>>> > >>>> File "/usr/sbin/sss_obfuscate", line 81 print "Cannot read > >>>> internal configuration files" > >>> > >>> chmod 0600 /etc/sssd/sssd.conf > >>> > > > >> Just did that. running sss_obuscate has still the same effect as > >> above: > > > >> File "/usr/sbin/sss_obfuscate", line 81 print "Cannot read > >> internal configuration files" > > > >> Syntax Error: invalid syntax > > > > "invalid syntax" probably means you have an error in the config > > file. Mind including it so we can help you spot the syntax error? > > Sure, did you mean sssd.conf? > > here it is > > [sssd] > config_file_version = 2 > services = nss, pam > domains = LDAP > > [nss] > > filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd > > > [pam] > > # Example LDAP domain > [domain/LDAP] > id_provider = ldap > > ldap_id_use_start_tls = True > > auth_provider = ldap > chpass_provider = ldap > access_provider = ldap > > ldap_access_filter = gidNumber=100 > > ldap_user_ssh_public_key = sshPublicKey > ldap_default_bind_dn=cn=sssd,ou=services,dc=myhost,dc=net > > ldap_tls_reqcert = never > ldap_tls_cacert = /etc/openldap/ssl/ldapscert.crt > ldap_uri = ldap://127.0.0.1 > ldap_search_base = dc=homelinux,dc=net > ldap_user_search_base = ou=People,dc=myhost,dc=net > ldap_group_search_base = ou=Group,dc=myhost,dc=net > > enumerate = true > > cache_credentials = true
This configuration looks good and is working for me with sss_obfuscate. Which platform/distribution do you use? Maybe there are issues with the path to the config file? You can use the -f option to explicitly tell sss_obfuscate which config file to read. HTH bye, Sumit > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/sssd-users _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
