AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Ldapsearch centos package4/8/2023 ![]() Ldap_default_authtok = Some_Place_Holder_For_Now Ldap_default_authtok_type = obfuscated_password Ldap_default_bind_dn = CN=ReadOnlyUser,CN=Users,DC=test,DC=aws,DC=nz ![]() Ldap_search_base = CN=Users,DC=test,DC=aws,DC=nz Obviously update the ldap_uri, ldap_search_base and ldap_default_bind_dn to match your setup. It will not send passwords over unencrypted channels!Ĭreate /etc/sssd/nf with a content like the following. If the DN or Password is wrong you’ll get something like:Īdditional info: Simple Bind Failed: NT_STATUS_LOGON_FAILUREĪlso note that you must use SSL or StartTLS with SSSD. D CN=ReadOnlyUser,CN=Users,DC=ds,DC=e-it,DC=nz -w Read0nly \ Test with ~]# ldapsearch -H ldaps:// -x \ Let’s assume that your bind_dn is CN=ReadOnlyUser,CN=Users,DC=test,DC=aws,DC=nz and password is Read0nly. How to create one is beyond the scope of this article. ![]() It’s enough to have a read-only user with just enough privileges to read the directory. For authentication and listing users and groups SSSD needs to bind to the LDAP directory. ![]()
0 Comments
Read More
Leave a Reply. |