Am Mon, Mar 13, 2023 at 10:34:43AM -0000 schrieb Hristina Marosevic: > Hello, > > Since I can not find relevant information on web about this I would like to > ask you about my current issue. > Im my SSSD configuration I have two LDAP URIs, one defines as value of > ldap_uri and other defined as value of ldap_backup_uri. These LDAP instances > have different password and same LDAP admin DN. > LDAP password for binding to the first LDAP instance is defined as value of > the SSSD conf attribute: ldap_default_authtok but I can not find attribute > that will store LDAP password for the second LDAP instance. > Are there options for defining LDAP bind password to connect to LDAP server > defined as value of ldap_backup_uri in the SSSD configuration or I must > change the password of the second instance to match the one defined and used > on the first LDAP instance?
Hi, yes, the passwords for the given DN must be the same on all LDAP servers. Please note that it is not needed to use an "LDAP admin DN", a service account which can read all the default POSIX and user attributes is sufficient and should be prefrerred over an "admin" account. HTH bye, Sumit > > Thank you in advance! > BR, > Hristina > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
