#3598 [RFE] Allow sssd to read the certificate attributes instead of blob look-up against the LDAP
Closed: duplicate 10 months ago Opened 2 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1521083

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

Description of problem:

Clients are running RHEL 7.4 and Active Directory as identity provider for
SSSD.

Smartcards deployed in AD and would like to use them for authentication.

Configured everything according to this SSSD documentation:
https://docs.pagure.org/SSSD.sssd/design_pages/smartcard_authentication_testing
_with_ad.html.

It works and user can authenticate with the smartcard.

However we would like to setup things without the need to publish user
certificate in LDAP entry.

If we do not publish the user certificate in LDAP entry, the user is not
prompted for PIN and the authentication does not work.

Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1521083

2 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.0

2 years ago

Metadata Update from @jhrozek:
- Issue priority set to: major

2 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.1 (was: SSSD 2.0)

a year ago

Hi @jhrozek,

I think this can be closed as duplicate of #3500, do you agree or do you think there is an aspect here which is missing in #3500?

bye,
Sumit

I agree with closing. I didn't even know we had a separate ticket.

Metadata Update from @jhrozek:
- Issue close_status updated to: duplicate
- Issue status updated to: Closed (was: Open)

10 months ago

Login to comment on this ticket.

Metadata