Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

How to sync LDAP Server user to the client ?

How to sync LDAP Server user to the client ?

Expert Contributor

Hello,

I have created AWS instance as a LDAP server. I have configured the LDAP server and created group and users. Now I want to sync the LDAP user to the client. I have another AWS instance as a client. I tried to configure the client with following two option.

1. The sssd option

I have installed openldap-clients and sssd packages. when I execute the authconfig-tui it shows warning:

The /lib64/libnss_sss.so.2 file was not found, but it is required for LDAP support to work properly. Install the sssd- client package, which provides this file.

libnss_sss.so.2 is already there in /usr/lib64.

after that I execute following command it shows starting sssd: [ok]

authconfig --enablesssd --enablesssdauth --enablelocauthorize --enablemkhomedir --update

But when I execute,

getent passwd <username>

It do not give any output. It means the LDAP server user did not sync with client.

2. The nslcd option

I have installed openldap-clients and nss-pam-ldapd packages on client.

executed the follwoing commands:

authconfig --enableforcelegacy --update

After this command execute it shows starting nslcd: [ok]

authconfig --enableldap --enableldapauth --ldapserver=<ldap server> --ldapbasedn="dc=example,dc=com" --update authconfig --enableldaptls --update

when I execute following command it do not show any output.It means the LDAP server user did not sync with client.

getent passwd <username>

I have copied the LDAP Server public key to the /etc/openldap/cacerts.

I am new to LDAP. Please, help me out to sync the user. I already wasted more than a week.

Thank You.

2 REPLIES 2
Highlighted

Re: How to sync LDAP Server user to the client ?

Contributor

Re: How to sync LDAP Server user to the client ?

Expert Contributor

@Rishi This document didn't work for me.

Don't have an account?
Coming from Hortonworks? Activate your account here