The sssd.io site offers good documentation about joining to an AD domain.
https://sssd.io/docs/ad/ad-introduction.html
cache_credentials = true
– would allow for offline logins.
Outside of that, it can be tricky to offer advice because some options will relate to your domain setup.
For instance, POSIX UID/GIDs may or may not be in your domain.
Cheers
Mark
From: Matt Zagrabelny <mzagrabe@d.umn.edu>
Sent: 15 April 2022 04:35
To: sssd-users@lists.fedorahosted.org
Subject: [SSSD-users] Debian user for sssd with AD
You don't often get email from
mzagrabe@d.umn.edu.
Learn why this is important |
CAUTION: External email. Ensure this message is from a trusted source before clicking links/attachments.
Greetings,
I haven't started using sssd yet, but am excited to do so.
I have a bunch of Debian clients that I'd like to use/test against an AD controller.
I'm assuming other folks have done such configurations. I'm afraid I don't know exactly which packages I'll need to install to have sss(d) perform the nsswitch'ing. I've read that sssd has a local cache in case the connection to the LDAP
directory fails.
Can anyone point me in the right direction regarding what packages I'll need or perhaps a HOWTO document on the internet? I've seen a few Redhat/Fedora docs - which I can translate/interpret for Debian as needed, but was wondering if there
was a somewhat condensed version for simply setting up a (Debian) client.
Thanks for any pointers and for helping out a newcomer.
-m