Understanding Active Directory as an identity provider for sssd
In many ways, something this simple is very welcome on Linux; however, the simplicity is in masking the complex series of events and procedures that occur behind the scenes. It's now time to delve into what makes sssd
work.
We first need to remind ourselves of all the configurations that we added in the only manual part of the process, that is, setting up the infrastructure services of time and DNS required for integration into the Active Directory. The following diagram shows the relationship between the RHEL server and Active Directory:
When we interrogated the Active Directory domain with realm
, we could see from the resulting information that we required the sssd
package among others. The System Security Services Daemon (sssd
) provides a set of daemons to manage access to remote directories and authenticate mechanisms, in our case, the Active Directory. The sssd
service provides the NSS (Name Service Switch) and PAM (Pluggable...