0

Reference this original question that was closed: Can't add local user on system using ldap auth for samba

I had the same problem. We are creating a jump host that has some local users, and the rest are in ldap. The user ids are the same between local and ldap. This is mainly because our team doesn't manage Active Directory, and we want to use ssh keys for some users. So we will add those users locally (with same uid and gid as in AD) but with the addition of the key. We weren't able to add the users because it does a lookup first and finds them in ldap.

We are also trying to minimize user impact, so disabling sssd for the time required to add the user was really not an option.

lsd
  • 1,653
  • 10
  • 8

1 Answers1

0

We found that putting the user in filter_users in sssd.conf works. It no longer looks up that user when trying to add the user. So we modified sssd.conf to add the user(s) in filter_users in the sssd section, did a quick restart of sssd, added the users, and removed the entries from filter_users and restart sssd again. That was successful.

Now we have local users with the same uid and gid provided from AD (although we did override the homedir and shell), with the addition of ssh keys, that AD didn't provide (and we don't have access to so that we could add it).

lsd
  • 1,653
  • 10
  • 8