Re: Openldap and sssd: getting slapd to do TLS negotiation or getting sssd to NOT do TLS negotiation
--On Thursday, September 28, 2017 5:37 PM -0400 Douglas Duckworth dod2014@med.cornell.edu wrote:
What would you recommend as a replacement for SSSD? I am running it across Centos 6 and 7 clients without any issue using TLS.
There is nss-pam-ldapd/nslcd.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Quanah Gibson-Mount wrote:
--On Thursday, September 28, 2017 5:37 PM -0400 Douglas Duckworth dod2014@med.cornell.edu wrote:
What would you recommend as a replacement for SSSD? I am running it across Centos 6 and 7 clients without any issue using TLS.
There is nss-pam-ldapd/nslcd.
YMMV - each implementation has its pros and cons:
nslcd supports hosts etc. maps but not sudoers.
sssd supports caching sudoers "map".
Ciao, Michael.
openldap-technical@openldap.org
-
Michael Ströder -
Quanah Gibson-Mount