On 24.02.2017 16:21, Bernard Fay wrote:
On Fri, Feb 24, 2017 at 10:07 AM, Michael Wandel <m.wandel@t-online.de mailto:m.wandel@t-online.de> wrote:
On 24.02.2017 16 <tel:24.02.2017%2016>:02, Bernard Fay wrote: > sssd is not running and even removed. At beginning we thought of using > it as it is the recommended way to go. But sssd requires the use of a > secured LDAP which we do not use as this LDAP is confined in a lab. We > use nscd. This ist not correct, sssd need this only for the authprovider , the idprovider can be used with plain ldap. best regards
I do not understand what is not correct in this. The man page of sssd-ldap is clear about it.
IMHO it is better to use for this question the sssd mailing list or per pm.
best regards
michael
Michael > > > > On Fri, Feb 24, 2017 at 9:56 AM, Michael Ströder <michael@stroeder.com <mailto:michael@stroeder.com> > <mailto:michael@stroeder.com <mailto:michael@stroeder.com>>> wrote: > > Bernard Fay wrote: > > passwd: files sss ldap > > shadow: files sss ldap > > group: files sss ldap > > This mix makes no sense at all. Either you use nss_sss to query sssd > (which has its own > cache in /var/lib/sss/db) or you use nss_ldap (direct or via > nss-pam-ldapd). > > Decide which components you really want to use and clean your config > before going any > further. > > Ciao, Michael. > >