> On 27 Dec 2016, at 20:24, Lesley Kimmel <[email protected]> wrote:
>
> All;
>
> I was recently looking at the man page for sssd-ldap and saw that several of
> the options default to the 'openldap defaults’.
>
> Based on this I was wondering:
> 1) Is there any requirement of SSSD on openldap client tools?
This should already be the case, we don’t depend on openldap clients tools
(ldapsearch, ldapadd, …) but we do require openldap libraries. In the past it
was possible to compile sssd with other libldap implementations
(mozilla/netscape’s in particular) but I don’t think anyone tested that
recently.
> 2) If openldap is NOT required will SSSD still use what would be the openldap
> values or is it required to have the ldap.conf file present to obtain these
> values?
The flow goes like this:
- if the value is specified in sssd.conf, use that
- otherwise read the default from libldap
— there, I assume libldap checks ldap.conf for the corresponding value
first
— if not found, it falls back to compiled defaults
I would assume this is true for other programs that use libldap not just sssd.
> 3) If not #2 are there other defaults that SSSD uses or must we provide
> values when we don't have ldap.conf in place?
>
Asking about particular options/values would allow us to answer in a more
helpful manner but in general you shouldn’t need to explicitly define ldap.conf
just for sssd. In theory, sssd.conf might also be quite minimal, specifying
just id_provider, then the rest would then be detected either from DNS or from
rootDSE. As I said, asking more specific questions would yield more specific
answers :)
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
