From Fedora Project Wiki

Revision as of 21:44, 24 July 2013 by Jhrozek (talk | contribs) (Created page with "{{QA/Test_Case |description=Use an old version of SSSD to gain access to trusted domain users |setup= <ol> <li>Make sure your FreeIPA server is set up as in [[QA:Testcase_free...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Description

Use an old version of SSSD to gain access to trusted domain users

Setup

  1. Make sure your FreeIPA server is set up as in QA:Testcase_freeipa_trust_establish.
  2. Make sure nss-pam-ldapd is installed. This test uses RHEL-6.3 as an example, but the steps should be similar for other distribution or OS

How to test

Add test users and groups on the IPA server

When testing the legacy client, we will begin by creating a user and a group he is a member of on the server first to establish a baseline. 

$ kinit admin
$ ipa user-add --first=test --last=user tuser
$ ipa group-add --desc="test group" tgroup
$ ipa group-add-member --users=tuser tgroup

Also set some password for the newly created user so that we can log in using his credentials. 

$ ipa passwd tuser

Install required packages

The package installation step differs for every OS or distribution. in Fedora/RHEL, simply install the packages using yum: 

 # yum install sssd authconfig

The authconfig utility will help us configure the PAM stack.

Expected Results

Both users from the IPA domain and the trusted domain should be able to log in.

Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_freeipa_use_legacy_sssd_to_give_access_to_trusted_domain_users&oldid=346444"