Feature #12091: RFE: Add support for sssd authentication - pfSense - pfSense bugtracker

Actions

Copy link

Feature #12091

open

RFE: Add support for sssd authentication

Added by Orion Poplawski over 4 years ago. Updated over 2 years ago.

Status:

New

Priority:

Normal

Assignee:

Category:

Authentication

Target version:

Start date:

06/28/2021

Due date:

% Done:

Estimated time:

Plus Target Version:

Release Notes:

Default

Description

I'm making use of sssd authentication on pfSense 2.5+, but I keep having to add "sss" to nsswitch.conf because it is overwritten by /etc/inc/auth.inc. I'm setting:

group: files sss
passwd: files sss

For reference, my /usr/local/etc/sssd/sssd.conf is like:

[sssd]
config_file_version = 2
services = nss
domains = ad.nwra.com

[nss]
override_homedir = /home/%u
override_shell = /bin/tcsh

[pam]

[domain/ad.nwra.com]
id_provider = ldap
sudo_provider = none
; auth_provider = ldap
ldap_schema = AD
ldap_uri = ldaps://ADSERVER

ldap_referrals = false
ldap_default_bind_dn = {{ ad_bind_user }}
ldap_default_authtok = {{ ad_bind_password }}
ldap_search_base = dc=ad,dc=nwra,dc=com
ldap_user_gecos = displayName
auto_private_groups = true

Or perhaps at least provide a way to have a custom nsswitch.conf file. Thanks.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Feature #12091

RFE: Add support for sssd authentication

Updated by Orion Poplawski almost 4 years ago

Updated by Gabriel Zellmer almost 3 years ago

Updated by Orion Poplawski over 2 years ago