Al 29/08/13 21:54, En/na Rowland Penny ha escrit: >> Yes, I was trying sssd, but I forgot that I switched back nsswitch.conf >> to ldap, so I thought your suggestion was working while it actually >> wasn't (same error with Administrator as with HP$). >> >> Bye > Hi, I am replying to you on list, could you please post your sssd.conf > and what version of sssd you are using, also what is your OS
OK, now I got sssd working *but* without kerberos. The OS is Linux, mageia 3, sssd is 1.9.4, the sssd.conf is just like the one posted by steve (http://linuxcostablanca.blogspot.com.es/2013/04/sssd-in-samba-40.html) modified for my domain and with kerberos options commented out of the way: [sssd] services = nss, pam config_file_version = 2 domains = default [nss] [pam] [domain/default] ldap_schema = rfc2307bis access_provider = simple enumerate = FALSE cache_credentials = true id_provider = ldap auth_provider = ldap chpass_provider = ldap #krb5_realm = WETRON.ES #krb5_server = hp.wetron.es #krb5_kpasswd = hp.wetron.es ldap_referrals = false ldap_uri = ldap://localhost/ ldap_search_base = dc=wetron,dc=es #ldap_tls_cacertdir = /usr/local/samba/private/tls #ldap_id_use_start_tls = true ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_uid_number = uidNumber ldap_user_gid_number = gidNumber ldap_user_home_directory = unixHomeDirectory ldap_user_shell = loginShell ldap_group_object_class = group ldap_group_search_base = dc=wetron,dc=es ldap_group_name = cn ldap_group_member = member #ldap_user_search_filter =(&(objectCategory=User)(uidNumber=*)) #dap_sasl_mech = gssapi #ldap_sasl_authid = nslcd-connect ##for the client use: ## ldap_sasl_authid=ALGORFA$ #ldap_krb5_keytab = /etc/krb5.sssd.keytab #ldap_krb5_init_creds = true ldap_id_use_start_tls = false ldap_default_bind_dn = cn=nslcd-connect,cn=Users,dc=wetron,dc=es ldap_default_authtok_type = password ldap_default_authtok = ------- Bye -- Luca Olivetti Wetron Automation Technology http://www.wetron.es Tel. +34 935883004 Fax +34 935883007 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba