I'm running a 389DS LDAPS server (with self-signed certificates) on a Fedora 30 remote machine called "miservidor.midominio.local". There I have a typical directory containing user and group entries.
I can retrieve directory data from another Fedora 30 machine (the client) without any problem. For instance, executing this command ("usu1ldap" is the name of a user located inside a "usuarios" organizationalUnit)...:
LDAPTLS_REQCERT=never ldapsearch -H ldaps://miservidor.midominio.local -b "dc=midominio,dc=local" uid=usu1ldap
...I get:
But I want to log in on the client machine as "usu1ldap", so I've configured the /etc/sssd/sssd.conf file on the client machine like this...:
...I've executed sudo authselect select sssd to "automagically" configure the NSS/PAM frameworks, and finally I've restarted the sssd service.
However, something doesn't work: getent passwd doesn't show the "usu1ldap" user and, obviously, id usu1ldap returns "unknown user" too.
What am I doing wrong? I've tried to make sense of sssd's log files but without finding any clue. I'm a bit desperate...
Thanks a lot for your patience.
NOTE: Notice that in the sssd.conf file I've had to put the directory manager's name and password in the "ldap_default_bind_dn" and "ldap_default_authtok" lines respectively, because my 389DS server by default doesn't allow anonymous queries and I don't know how to change this (yet).
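As an added example (not part of the question above, and not the poster's own sssd.conf, which is not shown here), the following POSIX shell script lints an sssd.conf for the settings that most often explain "getent passwd / id find nothing" when sssd talks LDAPS to a 389DS server with a self-signed certificate: the domain must be listed under [sssd] and served by nss and pam, an ldaps:// URI needs either ldap_tls_cacert or a relaxed ldap_tls_reqcert (the sssd equivalent of the LDAPTLS_REQCERT=never used with ldapsearch), a file that carries ldap_default_authtok must be mode 0600, and without enumerate = true a bare getent passwd never lists LDAP users, so the user must be queried by name. The two sample configs, the domain name "LDAP", the CA path and the bind password are constructed for the example; stat -c assumes GNU coreutils, as on Fedora.

```shell
#!/bin/sh
# Added example (not from the original post): lint /etc/sssd/sssd.conf for
# the settings most often behind "getent/id find no LDAP users" when sssd
# talks LDAPS to a 389DS server with a self-signed certificate.
# Assumes GNU coreutils (stat -c), as on Fedora. Domain name, CA path and
# bind password in the sample configs below are made up.

# ini_get FILE SECTION KEY -> prints the value of KEY inside [SECTION], or nothing.
ini_get() {
    sed -n "\|^\[$2\]|,\|^\[|p" "$1" \
      | sed -n "s/^[[:space:]]*$3[[:space:]]*=[[:space:]]*//p" \
      | sed 's/[[:space:]]*$//' | head -n 1
}

# check_sssd_conf FILE DOMAIN -> prints FAIL/WARN/NOTE lines; exit 1 on any FAIL.
check_sssd_conf() {
    f=$1; d=$2; sect="domain/$d"; rc=0

    # [sssd] must hand the domain to the nss and pam responders, or NSS never asks sssd.
    case ",$(ini_get "$f" sssd domains | tr -d ' ')," in
        *",$d,"*) ;;
        *) echo "FAIL: [sssd] domains does not list $d"; rc=1 ;;
    esac
    for svc in nss pam; do
        case ",$(ini_get "$f" sssd services | tr -d ' ')," in
            *",$svc,"*) ;;
            *) echo "FAIL: [sssd] services lacks $svc"; rc=1 ;;
        esac
    done

    uri=$(ini_get "$f" "$sect" ldap_uri)
    reqcert=$(ini_get "$f" "$sect" ldap_tls_reqcert)
    cacert=$(ini_get "$f" "$sect" ldap_tls_cacert)
    case "$uri" in
        ldaps://*)
            # sssd defaults ldap_tls_reqcert to "hard": a self-signed server cert is
            # rejected unless its CA is trusted via ldap_tls_cacert or checking is relaxed.
            if [ -z "$cacert" ] && [ "$reqcert" != never ] && [ "$reqcert" != allow ]; then
                echo "FAIL: ldaps:// with no ldap_tls_cacert and ldap_tls_reqcert=${reqcert:-hard}: self-signed cert will be rejected"
                rc=1
            elif [ -z "$cacert" ]; then
                echo "WARN: ldap_tls_reqcert=$reqcert disables verification; prefer ldap_tls_cacert with the server's CA"
            fi ;;
        ldap://*) echo "WARN: ldap_uri is cleartext ldap://; the bind password would cross the wire unencrypted" ;;
        "") echo "FAIL: ldap_uri is not set"; rc=1 ;;
    esac
    [ -n "$(ini_get "$f" "$sect" ldap_search_base)" ] || { echo "FAIL: ldap_search_base is not set"; rc=1; }

    # A bind password in the file makes its permissions matter (sssd also refuses to start otherwise).
    if [ -n "$(ini_get "$f" "$sect" ldap_default_authtok)" ]; then
        mode=$(stat -c '%a' "$f")
        [ "$mode" = 600 ] || { echo "FAIL: $f is mode $mode but holds ldap_default_authtok; must be 0600, root-owned"; rc=1; }
    fi

    # Without enumerate, a bare "getent passwd" never lists LDAP users; query one by name instead.
    case "$(ini_get "$f" "$sect" enumerate | tr 'A-Z' 'a-z')" in
        true) ;;
        *) echo "NOTE: enumerate is off; test with 'getent passwd <uid>' rather than a bare 'getent passwd'" ;;
    esac
    return $rc
}

# Constructed sample: the shape of config the question describes (bind DN + password,
# ldaps:// to a self-signed server, no CA, no reqcert setting).
weak_conf() {
cat <<'EOF'
[sssd]
services = nss, pam
domains = LDAP

[domain/LDAP]
id_provider = ldap
auth_provider = ldap
ldap_uri = ldaps://miservidor.midominio.local
ldap_search_base = dc=midominio,dc=local
ldap_default_bind_dn = cn=Directory Manager
ldap_default_authtok = secret
EOF
}

# Constructed sample: same config with the server's CA trusted explicitly (made-up path).
good_conf() {
weak_conf
echo "ldap_tls_cacert = /etc/openldap/certs/miservidor-ca.crt"
}

for kind in weak good; do
    t=$(mktemp)                       # mktemp creates the file mode 0600
    "${kind}_conf" > "$t"
    if [ "$kind" = weak ]; then chmod 644 "$t"; fi   # world-readable, as a careless copy would be
    echo "== $kind config =="
    check_sssd_conf "$t" LDAP || echo "(result: problems found)"
    rm -f "$t"
done
```

Run it against a real file with check_sssd_conf /etc/sssd/sssd.conf LDAP (substituting the domain name used under [sssd]); the NOTE about enumerate is the usual reason a bare getent passwd looks empty even when id and getent passwd usu1ldap work.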