Thanks so much for the input, Sumit. I still can't login, but I think I'm getting closer to the root cause. I now see that with my configuration I wasn't really using SSSD yet, as resolution was being done by 'compat' -- which would itself query NIS.
As you suggested, I replaced 'compat' with 'files' in nsswitch.conf, and bumped the sss priority. But now I believe my problem lies with 'proxy_pam_target': I had set it to 'none' following my initial reading of the configuration posted in https://lists.fedorahosted.org/archives/list/[email protected]/thread/4NT5V5TEFKFCCR5RWG3EHR4LGXXVWYRK/ (apparently, the only other attempt at doing SSSD+NIS described online). But, as also stated there, 'none' is no real keyword and PAM was looking for an /etc/pam.d/none target. Correct me if I'm wrong, but I think I'll need to create a PAM target that calls something like auth required pam_nis.so ... only that Ubuntu doesn't ship a pam_nis.so and I may have to compile one myself. Is there any other way to get a NIS authentication from SSSD? My NIS server provides all the required info -- user info + hashed password -- in the passwd database (see the getent result above), so it seems possible. Thanks once more. _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
