Description
Use an old version of SSSD to gain access to trusted domain users
Setup
- Make sure your FreeIPA server is set up as in QA:Testcase_freeipa_trust_establish.
- Make sure nss-pam-ldapd is installed. This test uses RHEL-6.3 as an example, but the steps should be similar for other distribution or OS
How to test
Add test users and groups on the IPA server
When testing the legacy client, we will begin by creating a user and a group he is a member of on the server first to establish a baseline.
$ kinit admin $ ipa user-add --first=test --last=user tuser $ ipa group-add --desc="test group" tgroup $ ipa group-add-member --users=tuser tgroup
Also set some password for the newly created user so that we can log in using his credentials.
$ ipa passwd tuser
Install required packages
The package installation step differs for every OS or distribution. in Fedora/RHEL, simply install the packages using yum:
# yum install sssd authconfig
The authconfig utility will help us configure the PAM stack.
Expected Results
Both users from the IPA domain and the trusted domain should be able to log in.