enterprise-ubuntu team mailing list archive
Mailing list archive
SSSD, should I be using it?
I often hear people mention SSSD as a good way to authenticate to Active
Directory or Samba. Is SSSD production ready on Ubuntu? Is there a good
getting started guide?
>From the info I've seen of it, there's a lot to configure. The thing that
absolutely frightens me is comments saying things like "Hey make sure to
add this conf option". After setting up pam_ldap (and cached credentials,
and cron jobs to update nss, etc) once I'm rather afraid of the do
everything yourself method as I know I'll make mistakes and forget things.
I've heard people on this list say likewise open is not the best, but it is
certainly easy to use. I'm curious why SSSD might be a better option.
I think my requirements are fairly standard - user can log in, cached
credentials work, kerberos tickets would be nice, changing passwords in a
sane way would be nice.