SSSD And Usermod
Hi MItja,
it looks like you are trying to integrate SSSD with FreeIPA. I think the following presentation will help you review the SSSD configuration even if you are trying to use 389DS independently:
http://www.freeipa.org/images/7/77/Freeipa30_SSSD_SUDO_Integration.pdf
Check the page titled ” Example configuration – SSSD with FreeIPA server”. SSSD has to be configured to talk to LDAP server. Check also the settings in /etc/nsswitch.conf. You might need to modify it to enable SSSD
integration with other services.
This example comes from a host that is using SSSD for SSH authentication and sudo integration with a FreeIPA server:
passwd: files sss shadow: files sss group: files sss sudoers: files sss
Dimitar
One thought on - SSSD And Usermod
Hi Dimitar!
FreeIPA might be worth a look. We already have a user management system that currently manages passwd/shadow. The idea was to migrate passwd/shadow info to 389DS so we could distribute the users across multiple servers. Perhaps our management system could use FreeIPA’s tools for user management.
I could not find find the attachment in your last email, could you please send it again?
Do you perhaps have experience in managing a SSSD-389DS system with 70k users and about 500 queries per second to SSSD?
Regards, Mitja
—
Mitja Mihelič
ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia tel: +386 1 479 8877, fax: +386 1 479 88 78