Last modified 7 years ago Last modified on 04/30/09 19:09:03


This test ensures that users stored in native LDB backend can log in using SSSD.

How to test

  1. Follow the steps in Installing the SSSD. If you are running the Test Day LiveCD, you may skip this step. Especially ensure that you have the right contents of /etc/pam.d/system-auth.
  2. As root, create the file /etc/pam.d/sssdproxylocal. DUE TO OVERSIGHT, THIS FILE IS NOT ON THE LIVECD
    auth        required
    auth        sufficient
    auth        sufficient nullok
    auth        requisite uid >= 500 quiet
    auth        required
    account     sufficient
    account     sufficient
    account     sufficient uid < 500 quiet
    account     required
    password    requisite try_first_pass retry=3
    password    sufficient sha512 shadow nullok use_authtok
    password    required
    session     optional revoke
    session     required
    session     [success=1 default=ignore] service in crond quiet use_uid
    session     sufficient
  3. Choose one user from /etc/passwd. It may be convenient to create one just for testing and assign him a known password
    useradd validlocaluser -u 4999
    passwd validlocaluser
    If 4999 is taken, use something else in the 500-4999 range.
  4. Make sure the SSH deamon is running. If not, start it
    service sshd status
    service sshd start
  5. Try logging in as validlocaluser
    ssh localhost -l validlocaluser@LEGACYLOCAL
  6. While logged in as validlocaluser, try changing your password
  7. Log out and log back in using your new password
    ssh localhost -l validlocaluser@LEGACYLOCAL