Need to authenticate users using two separate LDAP servers. Have configured SSSD with two domains but only one seems to be working. I ran the command

    authconfig --enablemkhomedir --enablesssd --enablesssdauth --updateall

and updated sssd.conf as follows:

    [sssd]
    domains = domain1, domain2
    services = nss, pam
    config_file_version = 2

    [nss]
    filter_groups = root
    filter_users = root

    [pam]
    offline_credentials_expiration = 0

    [domain/domain1]
    auth_provider = ldap
    id_provider = ldap
    ldap_uri = ldaps://domain1
    ldap_tls_reqcert = allow

    [domain/domain2]
    auth_provider = ldap
    id_provider = ldap
    ldap_uri = ldaps://domain2
    ldap_tls_reqcert = allow

The results are that a user from domain2 (user2) is recognized but a user from domain1 (user1) is not found:

    # id user2
    uid=10(user2) gid=10(admin) groups=10(admin)
    # id user1
    id: 'user1': no such user

Any ideas to get domain1 working? That server/auth was working fine when we were back with nslcd.conf but of course couldn’t use two servers with nslcd, only the first server defined would work. I’m a n00b when it comes to this stuff and all the nscd, nslcd, nsswitch.conf, authconfig, etc gets pretty confusing. I didn’t notice any errors in the /var/log/messages or SSSD logs.