Hello sssd-users, we're using sssd for LDAP authentication for some years without any issues, but now we're challenged with adding AD authentication to support Silverfort MFA deployment. Silverfort only supports AD, therefore we would have to delegate auth_provider to AD and id_provider to our LDAP.
my question is, it seems possible to split LDAP authentication in one domain to separate LDAP URIs with using ldap_auth_uri and ldap_uri. But how can sssd determine which ldap_default_bind_dn/ldap_default_authtok to use on which URI? (same for all other ldap options) is that even possible? We have all our groups in LDAP, whole toolchain/IDM is based on LDAP - therefore we cannot easily switch everything to AD. thanks , Stefan
-- _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
