Hi, > IMHO your best solution would be to use https://sssd.io/ and > https://www.keycloak.org/ to bundle your systems together. > > Keycloak would speak to your OIDC provider and translates the information in > something sssd can understand. sssd than is put into your nsswitch.conf as > provider for users, groups, etc.
Thanks for the advice, but I don't see how it helps with my questions on how to build a system that does *not* do what you proposed. -nik
signature.asc
Description: PGP signature
