Learn more about these different git repos.
Other Git URLs
The only supported ldap_default_authtok_type is "password". sssd should also support GSSAPI-authenticated LDAP lookups using a Kerberos keytab or ccache. (See pam-nss-ldapd's krb5_ccname option in nslcd.conf.)
This is already available since at least SSSD 1.2.0 (and I'm pretty sure it's been there since 1.0.0 as well).
You just need to add the following settings to your sssd.conf:
ldap_sasl_mech = gssapi ldap_sasl_authid = host/machine.fqdn@REALM ldap_krb5_keytab = /etc/krb5.keytab
For more information, see the sssd-ldap(5) manpage.
resolution: => worksforme status: new => closed
Fields changed
rhbz: => 0
milestone: NEEDS_TRIAGE => void
Metadata Update from @ktdreyer: - Issue set to the milestone: void
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1905
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.