Re: [SSSD-users] sssd basic questions

Thu, 05 Jun 2014 13:25:36 -0700 

On 06/04/2014 06:54 PM, Robert Zmijan wrote:

On 06/04/2014 04:13 PM, Robert Zmijan wrote:

On Wed, 2014-06-04 at 18:15 +0100, Robert Zmijan wrote:

Hi

I want to setup sssd to use ldap_default_bind_dn and
ldap_default_authok. currently I have in my sssd.conf
ldap_default_bind_dn = cn=sssd,ou=services,dc=myhost,dc=net
ldap_default_authok = mypassword I understand that I would
have to put 'mypassword' in ldap under the name of 'sssd'
the problem I'm facing is that when i type: sss_obfuscate I
get this:

File "/usr/sbin/sss_obfuscate", line 81 print "Cannot read
internal configuration files"

chmod 0600 /etc/sssd/sssd.conf


Just did that. running sss_obuscate has still the same effect as
above:
File "/usr/sbin/sss_obfuscate", line 81 print "Cannot read
internal configuration files"
Syntax Error: invalid syntax

"invalid syntax" probably means you have an error in the config
file. Mind including it so we can help you spot the syntax error?

Sure, did you mean sssd.conf?

here it is

[sssd]
config_file_version = 2
services = nss, pam
domains = LDAP

[nss]

filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd


[pam]

# Example LDAP domain
[domain/LDAP]
id_provider = ldap

ldap_id_use_start_tls = True

auth_provider = ldap
chpass_provider = ldap
access_provider = ldap

ldap_access_filter = gidNumber=100

ldap_user_ssh_public_key = sshPublicKey
ldap_default_bind_dn=cn=sssd,ou=services,dc=myhost,dc=net

ldap_tls_reqcert = never
ldap_tls_cacert = /etc/openldap/ssl/ldapscert.crt
ldap_uri = ldap://127.0.0.1
ldap_search_base = dc=homelinux,dc=net
ldap_user_search_base = ou=People,dc=myhost,dc=net
ldap_group_search_base = ou=Group,dc=myhost,dc=net

enumerate = true


Please do not use enumerate=true unless you really need to.
In most cases it should not be enabled.
It seems that your case is such.

2c.
Dmitri



cache_credentials = true
_______________________________________________
sssd-users mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-users



--
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

_______________________________________________
sssd-users mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-users

Reply via email to