Project

General

Profile

Actions

Feature #12091

open

RFE: Add support for sssd authentication

Added by Orion Poplawski 3 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
06/28/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default

Description

I'm making use of sssd authentication on pfSense 2.5+, but I keep having to add "sss" to nsswitch.conf because it is overwritten by /etc/inc/auth.inc. I'm setting:

group: files sss
passwd: files sss

For reference, my /usr/local/etc/sssd/sssd.conf is like:

[sssd]
config_file_version = 2
services = nss
domains = ad.nwra.com

[nss]
override_homedir = /home/%u
override_shell = /bin/tcsh

[pam]

[domain/ad.nwra.com]
id_provider = ldap
sudo_provider = none
; auth_provider = ldap
ldap_schema = AD
ldap_uri = ldaps://ADSERVER

ldap_referrals = false
ldap_default_bind_dn = {{ ad_bind_user }}
ldap_default_authtok = {{ ad_bind_password }}
ldap_search_base = dc=ad,dc=nwra,dc=com
ldap_user_gecos = displayName
auto_private_groups = true

Or perhaps at least provide a way to have a custom nsswitch.conf file. Thanks.

No data to display

Actions

Also available in: Atom PDF