Hi all
I've inherited a bunch of linux servers on which LDAP is configured using 389-ds and SSSD. Mostly on Centos 6.5 and Ubuntu 12.04/14.04.
Previous admin (whch I am not) left instructions for adding clients to the domain which have been pretty straight forward.
Install sssd on the clients, run authconfig --enablesssd --enablesssdauth --enablelocauthorize --update, configure /etc/sssd/sssd.conf appropriately and set as 0600 perms, apply a fix to avoid creating home directories manually then chkconfig sssd on.
This has mostly worked as expected however we have discovered a Centos 5.5 box in one of the data centers on which our devs would like LDAP configured and instructions above don't work, presumably due to missing dependencies or another way of doing things on earlier version of Centos of which I am unaware.
Has anyone had any joy configuring sssd with 389-ds on Centos 5.5? I have searched the web high and low and not found much applicable but my knowledge of the inner workings of LDAP et al is limited to be fair.
If I try and login as an LDAP user I can see this in /var/log/secure
Oct 7 21:48:46 <servername> sshd[25164]: pam_sss(sshd:auth): received for user <username>: 10 (User not known to the underlying authentication module) And running this
ldapsearch -x -h -p 389 -s base -b "" "objectclass=*" results in
ldap_bind: Can't contact LDAP server (-1) I've seen one post which mentions installing openldap-clients and then configuring these 2 files but can't see how to translate the sssd.conf to those and also mentions certificates which don't appear to be necessary using only sssd.
/etc/openldap/ldap.conf /etc/ldap.conf Any help or pointers anyone could offer even along the lines of you need x and y - go look it up, would be appreciated.
cheers
[link][comment]