41
edits
Changes
From SME Server
Jump to navigationJump to searchClient Authentication:Fedora via sssd/ldap (view source)
Revision as of 20:52, 23 October 2015
, 20:52, 23 October 2015no edit summary
Line 28:
Line 28:
Thats all. +
dnf install oddjob-mkhomedir sssd policycoreutils-python
dnf install oddjob-mkhomedir sssd policycoreutils-python
−===Preparare the /home folder===
+===Prepare the /home folder===
The “/home” folders of the users will be placed at the same place as on the SME (/home/e-smith/fies/users).
The “/home” folders of the users will be placed at the same place as on the SME (/home/e-smith/fies/users).
This must be configured to avoid blocks from SELinux:
This must be configured to avoid blocks from SELinux:
Line 36:
Line 36:
restorecon -R /var/lib/sss
restorecon -R /var/lib/sss
−===Acive and enable the oddjobd daemon===
+===Active and enable the oddjobd daemon===
−This deamon will create the personal /home folders at the first login of the users.
+This daemon will create the personal /home folders at the first login of the users.
systemctl start oddjobd.service
systemctl start oddjobd.service
systemctl enable oddjobd.service
systemctl enable oddjobd.service
Line 126:
Line 126:
should show you the users of the SME.
should show you the users of the SME.
−'''''If it doen't work:'''''
+'''''If it doesn't work:'''''
*check first of all if the password of the user “auth” is present in clear by the parameter “ldap_default_authtok” of /etc/sssd/sssd.conf.
*check first of all if the password of the user “auth” is present in clear by the parameter “ldap_default_authtok” of /etc/sssd/sssd.conf.
*Further more, for tests and debug, you can set “ldap_tls_reqcert = never” to avoid problems due to a non accepted CA.
*Further more, for tests and debug, you can set “ldap_tls_reqcert = never” to avoid problems due to a non accepted CA.
Line 134:
Line 134:
gpasswd -a <your ldap login> wheel}}
gpasswd -a <your ldap login> wheel}}
−That's all.
Enjoy!
Enjoy!
[[Category:Howto]]
[[Category:Howto]]
