Home
News
Forum
Wiki
Blog
Contents
Gallery
Movies
Downloads
About NSL
[
List of Titles
|
List of Pages
|
New
|
Search
|
Recent changes
|
Help
]
Source of
sssd
[
Front page
]
[ ]
View the
diff
.
Go to
sssd
.
« Prev
** SSSD [#h3c7678c] - System Security Services Daemon - [[LDAP]] を使用した認証が可能.キャッシュサーバ一体型. #br *** Getting Start [#yd2c55ab] - getent shadow が使えなくても,認証可能! #br ****設定ファイル [#q45b6791] - [[authconfig>authselect]], authconfig-uti コマンドでデフォルトの設定ファイルを用意してくくれる -- CentOS8 では [[authselect]] になった. authconfig-uti は削除. -- # authselect select sssd - /etc/sssd/[[sssd.conf>./sssd.conf]] (''-rw------- 1 root root'') - /etc/nsswitch.conf -- sss を追加 - [[/etc/pam.d>PAM]]/* - /etc/sysconfig/authconfig -- 手動:SSSD関連を yes, LDAP関連を no (手動は意味ないかも知れない.ない気がする.参考程度に記す) #br **** 起動 [#w0e57382] - # systemctl start sssd #br **** 全キャッシュのクリア [#d444b6da] - # systemctl stop sssd - # \rm /var/lib/sss/db/* - # systemctl start sssd #br **** 検証 [#q4eaec9b] - 要 sssd-tools # sssctl domain-status default #br *** [[PAM]] [#t20d7915] **** system-auth [#c33cbec0] auth required pam_env.so auth required pam_faildelay.so delay=2000000 auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid >= 1000 quiet auth [default=1 ignore=ignore success=ok] pam_localuser.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 1000 quiet_success auth sufficient pam_sss.so forward_pass auth required pam_deny.so account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 1000 quiet account [default=bad success=ok user_unknown=ignore] pam_sss.so account required pam_permit.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so shadow nullok try_first_pass use_authtok password sufficient pam_sss.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session optional pam_oddjob_mkhomedir.so umask=0077 session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_sss.so **** password-auth [#x8b5ec4d] auth required pam_env.so auth required pam_faildelay.so delay=2000000 auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid >= 1000 quiet auth [default=1 ignore=ignore success=ok] pam_localuser.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 1000 quiet_success auth sufficient pam_sss.so forward_pass auth required pam_deny.so account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 1000 quiet account [default=bad success=ok user_unknown=ignore] pam_sss.so account required pam_permit.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so shadow nullok try_first_pass use_authtok password sufficient pam_sss.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session optional pam_oddjob_mkhomedir.so umask=0077 session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_sss.so
« Prev
Backup list of sssd
Backup source of sssd(No. All)
1: 2021-06-26 (Sat) 12:19:53
iseki
2: 2021-06-26 (Sat) 12:32:13
iseki
3: 2021-06-26 (Sat) 18:35:06
iseki
4: 2021-06-27 (Sun) 21:48:43
iseki
5: 2021-06-29 (Tue) 11:13:02
iseki
6: 2021-06-29 (Tue) 14:28:55
iseki
Cur: 2021-07-05 (Mon) 10:55:33
iseki
Site Search
Advanced Search
Login
Username:
Password:
Lost Password?
Register now!!
Sub Menu
New Arrivals
Books
Web Links
Site Map
e-Learning
TUIS Certificate
mini Calendar
May 2024
Su
Mo
Tu
We
Th
Fr
Sa
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Today
Who's Online
58 user(s) are online (25 user(s) are browsing xpwiki)
Members: 0
Guests: 58
more...
Access Counter
Today :
Yesterday :
Total :
Powered by XOOPS Cube 2.1© 2001-2006
XOOPS Cube Project
Design by
XoopsDesign.com