
I need to authenticate users using two separate LDAP servers. I have configured SSSD with two domains, but only one seems to be working. I ran the command `authconfig --enablemkhomedir --enablesssd --enablesssdauth --updateall` and updated sssd.conf as follows:

    [sssd]
    domains = domain1, domain2
    services = nss, pam
    config_file_version = 2

    [nss]
    filter_groups = root
    filter_users = root

    [pam]
    offline_credentials_expiration = 0

    [domain/domain1]
    auth_provider = ldap
    id_provider = ldap
    ldap_uri = ldaps://domain1
    ldap_tls_reqcert = allow

    [domain/domain2]
    auth_provider = ldap
    id_provider = ldap
    ldap_uri = ldaps://domain2
    ldap_tls_reqcert = allow

The results are that a user from domain2 (user2) is recognized but a user from domain1 (user1) is not found:

    # id user2
    uid=10(user2) gid=10(admin) groups=10(admin)
    # id user1
    id: 'user1': no such user

Any ideas on how to get domain1 working? That server/auth was working fine when we were back with nslcd.conf, but of course we couldn't use two servers with nslcd; only the first server defined would work. I'm a n00b when it comes to this stuff, and all the nscd, nslcd, nsswitch.conf, authconfig, etc. gets pretty confusing. I didn't notice any errors in /var/log/messages or the SSSD logs.

1 Answer

The issue was that we needed to specify some certificate and key information, i.e. ldap_tls_cacert, ldap_tls_cert and ldap_tls_key. With those defined, domain1 was now reachable.
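As an added example that is not part of the question or the answer, a small sh/awk lint for sssd.conf that reports the TLS settings the answer turned out to hinge on: it flags every `[domain/...]` section whose `ldap_tls_reqcert` is `never`, `allow` or `try`, and every one that names no CA certificate. The sample configuration and the CA path in it are constructed.

```shell
#!/bin/sh
# Added example (not the question's or answer's code): lint an sssd.conf for LDAP
# domains whose TLS settings weaken server-certificate verification. The default
# ldap_tls_reqcert is "hard"; never/allow/try accept a missing or untrusted cert.
# Without ldap_tls_cacert(dir) only the system CA store is trusted, so a private
# CA fails. Prints one finding per line; returns 1 if anything was flagged.
sssd_tls_audit() {
    awk '
        BEGIN { bad = 0 }
        function report(s, msg) { printf "%s: %s\n", s, msg; bad = 1 }
        function flush() {
            if (sec !~ /^domain\//) return
            if (reqcert == "never" || reqcert == "allow" || reqcert == "try")
                report(sec, "ldap_tls_reqcert = " reqcert " does not enforce verification")
            if (!cacert)
                report(sec, "no ldap_tls_cacert/ldap_tls_cacertdir (system CA store only)")
        }
        /^[[:space:]]*\[/ {                      # section header: finish the previous one
            flush()
            sec = $0; gsub(/[^A-Za-z0-9_.\/-]/, "", sec)
            reqcert = "hard"; cacert = 0
            next
        }
        /^[[:space:]]*([#;]|$)/ { next }         # comments and blank lines
        index($0, "=") {
            key = substr($0, 1, index($0, "=") - 1); gsub(/[[:space:]]/, "", key)
            val = substr($0, index($0, "=") + 1); gsub(/^[[:space:]]+|[[:space:]]+$/, "", val)
            if (key == "ldap_tls_reqcert") reqcert = tolower(val)
            if (key == "ldap_tls_cacert" || key == "ldap_tls_cacertdir") cacert = 1
        }
        END { flush(); exit bad }
    ' "$1"
}

# Constructed sample mirroring the question: both domains use reqcert = allow and
# only domain2 names a CA certificate (the path is a placeholder).
sample_sssd_conf() {
    cat <<'EOF'
[sssd]
domains = domain1, domain2
[domain/domain1]
ldap_uri = ldaps://domain1
ldap_tls_reqcert = allow
[domain/domain2]
ldap_uri = ldaps://domain2
ldap_tls_reqcert = allow
ldap_tls_cacert = /etc/openldap/cacerts/domain2-ca.pem
EOF
}
```

Source the file and run `sssd_tls_audit /etc/sssd/sssd.conf`; on the sample above it reports two findings for domain1 and one for domain2 and exits 1.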
