English Korean
|*Authconfig options* |*Authselect profile feature*
|--enablesmartcard |with-smartcard
|--enablefingerprint |with-fingerprint
|--enableecryptfs |with-ecryptfs
|--enablemkhomedir |with-mkhomedir
|--enablefaillock |with-faillock
|--enablepamaccess |with-pamaccess
|--enablewinbindkrb5 |with-krb5
|--enableshadow |_none_
|--passalgo |_none_
|*Authconfig options* |*Authselect profile feature*
|--enablesmartcard |with-smartcard
|--enablefingerprint |with-fingerprint
|--enableecryptfs |with-ecryptfs
|--enablemkhomedir |with-mkhomedir
|--enablefaillock |with-faillock
|--enablepamaccess |with-pamaccess
|--enablewinbindkrb5 |with-krb5
|--enableshadow |_none_
|--passalgo |_none_
authconfig --enableldap --enableldapauth --enablefaillock --updateall
authselect select sssd with-faillock
authconfig --enableldap --enableldapauth --enablefaillock --updateall
authselect select sssd with-faillock
authconfig --enablesssd --enablesssdauth --enablesmartcard --smartcardmodule=sssd --updateall
authselect select sssd with-smartcard
authconfig --enablesssd --enablesssdauth --enablesmartcard --smartcardmodule=sssd --updateall
authselect select sssd with-smartcard
authconfig --enableecryptfs --enablepamaccess --updateall
authselect select sssd with-ecryptfs with-pamaccess
authconfig --enableecryptfs --enablepamaccess --updateall
authselect select sssd with-ecryptfs with-pamaccess
authconfig --enablewinbind --enablewinbindauth --winbindjoin=Administrator --updateall
realm join -U Administrator --client-software=winbind WINBINDDOMAIN
authconfig --enablewinbind --enablewinbindauth --winbindjoin=Administrator --updateall
realm join -U Administrator --client-software=winbind WINBINDDOMAIN
{sysconfdir}/openldap/ldap.conf {sysconfdir}/openldap/ldap.conf
{sysconfdir}/sssd/sssd.conf {sysconfdir}/sssd/sssd.conf
[sssd]
config_file_version = 2
domains = default
[sssd]
config_file_version = 2
domains = default
[domain/default]
id_provider = ldap
ldap_uri = _srv_
dns_discovery_domain = myrealm
[domain/default]
id_provider = ldap
ldap_uri = _srv_
dns_discovery_domain = myrealm
[domain/default]
id_provider = ldap
auth_provider = krb5
ldap_uri = _srv_
krb5_server = _srv_
krb5_realm = MYREALM
dns_discovery_domain = myrealm
[domain/default]
id_provider = ldap
auth_provider = krb5
ldap_uri = _srv_
krb5_server = _srv_
krb5_realm = MYREALM
dns_discovery_domain = myrealm
domain mydomain broadcast
# or
# domain mydomain server myserver
domain mydomain broadcast
# or
# domain mydomain server myserver
{sysconfdir}/sysconfig/network {sysconfdir}/sysconfig/network
NISDOMAIN=mydomain
NISDOMAIN=mydomain
$ domainname mydomain
$ setsebool -P allow_ypbind 1
$ domainname mydomain
$ setsebool -P allow_ypbind 1
systemctl enable sssd.service ; systemctl start sssd.service
systemctl enable sssd.service ; systemctl start sssd.service
Winbind Winbind
systemctl enable rpcbind.service ; systemctl start rpcbind.service
systemctl enable ypbind.service ; systemctl start ypbind.service
systemctl enable rpcbind.service ; systemctl start rpcbind.service
systemctl enable ypbind.service ; systemctl start ypbind.service
systemctl enable oddjobd.service ; systemctl start oddjobd.service
systemctl enable oddjobd.service ; systemctl start oddjobd.service
authselect(8), authselect-profiles(5), realm(8), ipa-client-install(1), sssd.conf(5), smb.conf(5), ldap.conf(5), krb5.conf(5) authselect(8), authselect-profiles(5), realm(8), ipa-client-install(1), sssd.conf(5), smb.conf(5), ldap.conf(5), krb5.conf(5)