While having a username in both kerberos KDC and LDAP, how can we stack these authentication methods with SSSD the same was as in the past?

Solution Verified - Updated -

Issue

  • While having a username in both kerberos KDC and LDAP, how can we stack these authentication methods with SSSD the same was as in the past?
  • I have the following setup with pam_krb5 and pam_ldap, how can I use the same functionality with SSSD?
    • users exist both in a kerberos KDC and as user object in LDAP
    • In kerberos and in LDAP they are named identically
    • the LDAP user object contains a password hash
    • In the past I used to stack pam_krb5 and pam_ldap for authentication so first kerberos authentication was attempted, if not succeeding LDAP authentication was attempted

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5
  • SSSD
  • kerberos
  • LDAP

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content