SSSD how to list users

Latest response

How to list all users on server when SSSD is used?

Responses

Hi Datha Parsi,

Try this command:

# systemctl is-active sssd && getent passwd || echo sssd service is down

This command wen ran will first check if the sssd service is active. If it is active, it will attempt a run of the command "getent passwd" otherwise it will echo "sssd service is down"

EDITED If your goal is to see who is currently logged in, use the command w (you literally just type the letter "w" and hit enter) and that will show you who is logged into your system. You can also see who previously logged into the system by typing the command last.

Let us know how it goes,

Regards,
RJ

Good afternoon Datha Parsi,

Our colleague RJ gave you a good initial advice.

Your question is not clear if you want to list what users are configured through directory services (AD, LDAP, and so on) when SSSD is configured, or what users are authorized to log in when SSSD service is running.

The answer can be a bit more complex.

a) One can set up PAM authentication and use, for example /etc/security/access.conf, to configure which remote users can log into the server (including users who are set up in AD/LDAP).

b) If SSSD enumeration is enabled "getent passwd" will list all local and AD/LDAP users.

c) If you want to verify all users in AD/LDAP when SSSD is configured, one of the ways might be:

$ ldapsearch -LLL -x -h <LDAPSRV> -p <LDAPPORT> -b "dc=myorg,dc=org" sAMAccountName=* -D <MYLDAPACC> 

Best wishes from down-under (Australia, although it is still winter, temperature is almost 30 celsius in Sydney today)) ,

Dusan Baljevic (amateur radio VK2COT)