{"id":11240,"date":"2022-03-25T20:21:28","date_gmt":"2022-03-25T17:21:28","guid":{"rendered":"https:\/\/kifarunix.com\/?p=11240"},"modified":"2024-03-09T10:57:47","modified_gmt":"2024-03-09T07:57:47","slug":"configure-sssd-for-ldap-authentication-on-ubuntu-22-04","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/configure-sssd-for-ldap-authentication-on-ubuntu-22-04\/","title":{"rendered":"Configure SSSD for LDAP Authentication on Ubuntu 22.04"},"content":{"rendered":"\n<p>This guide will take you through how to install and configure SSSD for LDAP authentication on Ubuntu 22.04. <a href=\"https:\/\/docs.pagure.org\/SSSD.sssd\/\" target=\"_blank\" rel=\"noreferrer noopener\">SSSD<\/a> (System Security Services Daemon) is a system service to access remote directories and authentication mechanisms such as an LDAP directory, an Identity Management (IdM) or Active Directory (AD) domain, or a Kerberos realm.<\/p>\n\n\n\n<div class=\"wp-block-rank-math-toc-block\" id=\"rank-math-toc\"><h2>Table of Contents<\/h2><nav><ul><li><a href=\"#configure-sssd-for-ldap-authentication\">Configure SSSD for LDAP Authentication<\/a><ul><li><a href=\"#run-system-update\">Run System Update<\/a><\/li><li><a href=\"#install-sssd-on-ubuntu-22-04\">Install SSSD on Ubuntu 22.04<\/a><\/li><li><a href=\"#configure-sssd-for-open-ldap-authentication-on-ubuntu-22-04\">Configure SSSD\u00a0for OpenLDAP Authentication on Ubuntu 22.04<\/a><ul><li><a href=\"#create-sssd-configuration-file\">Create SSSD configuration file<\/a><\/li><li><a href=\"#install-open-ldap-server-ca-certificate-on-ubuntu-22-04-ldap-client\">Install OpenLDAP Server CA Certificate on Ubuntu 22.04 LDAP client<\/a><\/li><li><a href=\"#set-proper-permissions-and-ownership-on-sssd-configurations\">Set Proper Permissions and Ownership on SSSD configurations<\/a><\/li><\/ul><\/li><li><a href=\"#configure-auto-home-directory-creation\">Configure Auto-Home Directory Creation<\/a><\/li><li><a href=\"#verify-sssd-open-ldap-authentication\">Verify SSSD OpenLDAP authentication<\/a><ul><li><a href=\"#verify-ssh-authentication-via-open-ldap-sssd\">Verify SSH Authentication via OpenLDAP SSSD<\/a><\/li><li><a href=\"#verify-gui-authentication-via-open-ldap-sssd\">Verify GUI authentication via OpenLDAP SSSD<\/a><\/li><\/ul><\/li><li><a href=\"#related-tutorials\">Related Tutorials<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"configure-sssd-for-ldap-authentication\">Configure SSSD for LDAP Authentication<\/h2>\n\n\n\n<p>Assuming you already have a running OpenLDAP server, proceed with this guide to learn how to install and configure SSSD for LDAP authentication.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"run-system-update\">Run System Update<\/h3>\n\n\n\n<p>Ensure that your system package cache is up-to-date.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>apt update<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"install-sssd-on-ubuntu-22-04\">Install SSSD on Ubuntu 22.04<\/h3>\n\n\n\n<p>To install SSSD and other required SSSD tools on Ubuntu 22.04, run the command below;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>apt install sssd libpam-sss libnss-sss sssd-tools<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"configure-sssd-for-open-ldap-authentication-on-ubuntu-22-04\">Configure SSSD&nbsp;for OpenLDAP Authentication on Ubuntu 22.04<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"create-sssd-configuration-file\">Create SSSD configuration file<\/h4>\n\n\n\n<p>SSSD do not ship with any configuration file by default. As such, you need to create your configuration file that defines your LDAP authentication specifics.<\/p>\n\n\n\n<p>Below is our sample configuration options;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>\ncat > \/etc\/sssd\/sssd.conf << 'EOL'\n[sssd]\nservices = nss, pam\nconfig_file_version = 2\ndomains = default\n\n[nss]\n\n[pam]\noffline_credentials_expiration = 60\n\n[domain\/default]\nldap_id_use_start_tls = True\ncache_credentials = True\nldap_search_base = dc=ldapmaster,dc=kifarunix-demo,dc=com\nid_provider = ldap\nauth_provider = ldap\nchpass_provider = ldap\naccess_provider = ldap\nldap_uri = ldap:\/\/ldapmaster.kifarunix-demo.com\nldap_default_bind_dn = cn=readonly,ou=system,dc=ldapmaster,dc=kifarunix-demo,dc=com\nldap_default_authtok = P@ssWOrd\nldap_tls_reqcert = demand\nldap_tls_cacert = \/etc\/ssl\/certs\/ldapcacert.crt\nldap_tls_cacertdir = \/etc\/ssl\/certs\nldap_search_timeout = 50\nldap_network_timeout = 60\nldap_access_order = filter\nldap_access_filter = (objectClass=posixAccount)\nEOL\n<\/code><\/pre>\n\n\n\n<p>Check the highlighted lines above and replace their values appropriately.<\/p>\n\n\n\n<p>You can also update your access filters.<\/p>\n\n\n\n<p>For a comprehensive description of options used above, refer to&nbsp;<strong><code>man sssd.conf<\/code><\/strong> and <code><strong>man sssd-ldap<\/strong><\/code>.<\/p>\n\n\n\n<p>Once you are done with your configurations, save and exit the file.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"install-open-ldap-server-ca-certificate-on-ubuntu-22-04-ldap-client\">Install OpenLDAP Server CA Certificate on Ubuntu 22.04 LDAP client<\/h4>\n\n\n\n<p>SSSD authentication can only work over an encrypted communication channel. Therefore, your OpenLDAP server must be configured SSL\/TLS.<\/p>\n\n\n\n<p>If you have done this already, download the CA certificate from the LDAP server to the LDAP client by executing the command below;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>openssl s_client -connect ldapmaster.kifarunix-demo.com:636 -showcerts &lt; \/dev\/null | openssl x509 -text | sed -ne '\/-BEGIN CERTIFICATE-\/,\/-END CERTIFICATE-\/p'<\/code><\/pre>\n\n\n\n<p>if you are downloading the certificates from an OpenLDAP server listening on STARTTLS (port 389\/{tcp,udp}), use the command below instead;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>openssl s_client -connect ldapmaster.kifarunix-demo.com:389 -starttls ldap -showcerts &lt; \/dev\/null | openssl x509 -text | sed -ne '\/-BEGIN CERTIFICATE-\/,\/-END CERTIFICATE-\/p'<\/code><\/pre>\n\n\n\n<p>Copy the certificate part;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>-----BEGIN CERTIFICATE-----\nMIIDvzCCAqegAwIBAgIUc8imlOVhEej453dXtvacn7krg1MwDQYJKoZIhvcNAQEL\nBQAwbzELMAkGA1UEBhMCS0UxDDAKBgNVBAgMA05haTEMMAoGA1UEBwwDTWFpMRww\nGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMSYwJAYDVQQDDB1sZGFwbWFzdGVy\n...\n...\nExJaMa6cJkIFmepJ6wGvk33DiLRZrAKT2\/11yswYm16mdpUynmx6pZvZizjxkq+c\nhegnowyEG4db\/NktY44v2ryIQdEclnKmhk23vmhgZxl1IUgev2tc\/\/JWPE9dXuP8\nUy7ivNi2PL6mBwxMpyi0zTopqTXSvi54APm48dd0JPsGLTIgPMc1WvaN7TsUeIBs\nIgf9K1e9M0Q+j2XEsTeCYVU\/v0Jt0kER0+V\/NM0IrDOX+6kRz6DNsZrwcMEf5Yvp\nARWZ\n-----END CERTIFICATE-----\n<\/code><\/pre>\n\n\n\n<p>As per our SSSD configuration, the LDAP CA certificate file is stored as <strong><code>\/etc\/ssl\/certs\/ldapcacert.crt<\/code><\/strong> on the client. <strong>Note<\/strong> that the location of the CA cert file might be different for your case.<\/p>\n\n\n\n<p>Therefore, copy the certificate above and place it in this file;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>vim \/etc\/ssl\/certs\/ldapcacert.crt<\/code><\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>-----BEGIN CERTIFICATE-----\nMIIDvzCCAqegAwIBAgIUc8imlOVhEej453dXtvacn7krg1MwDQYJKoZIhvcNAQEL\nBQAwbzELMAkGA1UEBhMCS0UxDDAKBgNVBAgMA05haTEMMAoGA1UEBwwDTWFpMRww\nGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMSYwJAYDVQQDDB1sZGFwbWFzdGVy\n...\n...\nExJaMa6cJkIFmepJ6wGvk33DiLRZrAKT2\/11yswYm16mdpUynmx6pZvZizjxkq+c\nhegnowyEG4db\/NktY44v2ryIQdEclnKmhk23vmhgZxl1IUgev2tc\/\/JWPE9dXuP8\nUy7ivNi2PL6mBwxMpyi0zTopqTXSvi54APm48dd0JPsGLTIgPMc1WvaN7TsUeIBs\nIgf9K1e9M0Q+j2XEsTeCYVU\/v0Jt0kER0+V\/NM0IrDOX+6kRz6DNsZrwcMEf5Yvp\nARWZ\n-----END CERTIFICATE-----\n<\/code><\/pre>\n\n\n\n<p>Verify the validity of the certificate;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>openssl s_client -connect ldapmaster.kifarunix-demo.com:389 -CAfile \/etc\/ssl\/certs\/ldapcacert.crt<\/code><\/pre>\n\n\n\n<p>If you get, <code><strong>Verification: OK<\/strong><\/code> or <code><strong>Verify return code: 0 (ok)<\/strong><\/code> on the command output, then you are all set.<\/p>\n\n\n\n<p>Next, open the&nbsp;<code><strong>\/etc\/ldap\/ldap.conf<\/strong><\/code>&nbsp;and replace the value of&nbsp;<strong><code>TLS_CACERT<\/code><\/strong>&nbsp;with the path to the CA certificate created above.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim \/etc\/ldap\/ldap.conf<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>...\n# TLS certificates (needed for GnuTLS)\n#TLS_CACERT     \/etc\/ssl\/certs\/ca-certificates.crt\n<strong>TLS_CACERT      \/etc\/ssl\/certs\/ldapcacert.crt<\/strong><\/code><\/pre>\n\n\n\n<p>Save and close the configuration file.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"set-proper-permissions-and-ownership-on-sssd-configurations\">Set Proper Permissions and Ownership on SSSD configurations<\/h4>\n\n\n\n<p>After that, assign the root user read\/write access to&nbsp;<code>\/etc\/sssd\/<\/code>.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>chmod 600 -R \/etc\/sssd\nchown -R root: \/etc\/sssd<\/code><\/pre>\n\n\n\n<p>Perform static analysis of SSSD configuration to check if any error;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sssctl config-check<\/code><\/pre>\n\n\n\n<p>Restart SSSD service<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>systemctl restart sssd<\/code><\/pre>\n\n\n\n<p>Check the status of SSSD to ensure that it is running.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>systemctl status sssd<\/code><\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>\n\u25cf sssd.service - System Security Services Daemon\n     Loaded: loaded (\/lib\/systemd\/system\/sssd.service; enabled; vendor preset: enabled)\n     Active: active (running) since Fri 2022-03-25 19:39:39 EAT; 5min ago\n   Main PID: 627 (sssd)\n      Tasks: 4 (limit: 2306)\n     Memory: 15.3M\n        CPU: 662ms\n     CGroup: \/system.slice\/sssd.service\n             \u251c\u2500 627 \/usr\/sbin\/sssd -i --logger=files\n             \u251c\u2500 965 \/usr\/libexec\/sssd\/sssd_be --domain default --uid 0 --gid 0 --logger=files\n             \u251c\u25001027 \/usr\/libexec\/sssd\/sssd_nss --uid 0 --gid 0 --logger=files\n             \u2514\u25001028 \/usr\/libexec\/sssd\/sssd_pam --uid 0 --gid 0 --logger=files\n\nMac 25 19:38:30 ubuntu2204 systemd[1]: Starting System Security Services Daemon...\nMac 25 19:38:50 ubuntu2204 sssd[627]: Starting up\nMac 25 19:39:23 ubuntu2204 sssd_be[965]: Starting up\nMac 25 19:39:30 ubuntu2204 sssd_nss[1027]: Starting up\nMac 25 19:39:30 ubuntu2204 sssd_pam[1028]: Starting up\nMac 25 19:39:39 ubuntu2204 systemd[1]: Started System Security Services Daemon.\nMac 25 19:40:50 ubuntu2204 sssd_be[965]: Backend is online\n<\/code><\/pre>\n\n\n\n<p>Enable SSSD to run on system boot;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>systemctl enable sssd<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"configure-auto-home-directory-creation\">Configure Auto-Home Directory Creation<\/h3>\n\n\n\n<p>To enable automatic creation of user\u2019s home directory on first login, you need to configure the PAM modules (<code>pam_mkhomedir.so<\/code>) as shown below.<\/p>\n\n\n\n<p>Open the&nbsp;<code>\/etc\/pam.d\/common-session<\/code>&nbsp;configuration file and edit is ad follows;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim \/etc\/pam.d\/common-session<\/code><\/pre>\n\n\n\n<p>Add the line;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>session required        pam_mkhomedir.so skel=\/etc\/skel\/ umask=0022<\/code><\/pre>\n\n\n\n<p>just below the line;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>session optional                        pam_sss.so<\/code><\/pre>\n\n\n\n<p>Such that it look like;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>...\n# The pam_umask module will set the umask according to the system default in\n# \/etc\/login.defs and user settings, solving the problem of different\n# umask settings with different shells, display managers, remote sessions etc.\n# See \"man pam_umask\".\nsession optional                        pam_umask.so\n# and here are more per-package modules (the \"Additional\" block)\nsession required        pam_unix.so\nsession optional                        pam_sss.so\n<strong>session required        pam_mkhomedir.so skel=\/etc\/skel\/ umask=0022<\/strong>\nsession optional        pam_systemd.so\n# end of pam-auth-update config\n...\n<\/code><\/pre>\n\n\n\n<p>Save and exit the configuration file.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"verify-sssd-open-ldap-authentication\">Verify SSSD OpenLDAP authentication<\/h3>\n\n\n\n<p>The installation and configuration of SSSD is done.<\/p>\n\n\n\n<p>To verify that you can login, try to authenticate against your LDAP server.<\/p>\n\n\n\n<p>In this guide, we have two users, <code>janedoe<\/code> and <code>johndoe<\/code>, created on our OpenLDAP Server for demo purposes.<\/p>\n\n\n\n<p>The command below is ran on my LDAP Server;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ldapsearch -H ldapi:\/\/\/ -Y EXTERNAL -b \"ou=people,dc=ldapmaster,dc=kifarunix-demo,dc=com\" dn -LLL -Q<\/code><\/pre>\n\n\n\n<p>Sample Output;<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>\ndn: ou=people,dc=ldapmaster,dc=kifarunix-demo,dc=com\n\n<strong>dn: uid=janedoe,ou=people,dc=ldapmaster,dc=kifarunix-demo,dc=com\n\ndn: uid=johndoe,ou=people,dc=ldapmaster,dc=kifarunix-demo,dc=com<\/strong>\n<\/code><\/pre>\n\n\n\n<p>These information about the users above should now be printable on the Ubuntu 22.04 ldap client.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>root@ubuntu2204:~# <strong>id johndoe<\/strong><\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>uid=10000(johndoe) gid=10000(johndoe) groups=10000(johndoe)<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>root@ubuntu20:~# <strong>id janedoe<\/strong><\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>uid=10010(janedoe) gid=10010(janedoe) groups=10010(janedoe)<\/code><\/pre>\n\n\n\n<p>To demonstrate the SSSD LDAP authentication, we will use both SSH and GUI based authentication;<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"verify-ssh-authentication-via-open-ldap-sssd\">Verify SSH Authentication via OpenLDAP SSSD<\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>ssh johndoe@ubuntu2204<\/code><\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>\nThe authenticity of host 'ubuntu2204 (192.168.59.38)' can't be established.\nECDSA key fingerprint is SHA256:Wx4prraXmi5rdkjbgXGXixeToBXCuIpTSE6Tw5nGQJ0.\nAre you sure you want to continue connecting (yes\/no\/[fingerprint])? yes\nWarning: Permanently added 'ubuntu2204' (ECDSA) to the list of known hosts.\njohndoe@ubuntu2204's password: \n<strong>Creating directory '\/home\/johndoe'.<\/strong>\nWelcome to Ubuntu Jammy Jellyfish (development branch) (GNU\/Linux 5.15.0-18-generic x86_64)\n\n * Documentation:  https:\/\/help.ubuntu.com\n * Management:     https:\/\/landscape.canonical.com\n * Support:        https:\/\/ubuntu.com\/advantage\n\n481 updates can be applied immediately.\nTo see these additional updates run: apt list --upgradable\n\nYour Hardware Enablement Stack (HWE) is supported until April 2025.\n\nThe programs included with the Ubuntu system are free software;\nthe exact distribution terms for each program are described in the\nindividual files in \/usr\/share\/doc\/*\/copyright.\n\nUbuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by\napplicable law.\n\nLast login: Fri Mar 25 19:55:03 2022 from 192.168.59.1\njohndoe@ubuntu2204:~$\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"verify-gui-authentication-via-open-ldap-sssd\">Verify GUI authentication via OpenLDAP SSSD<\/h4>\n\n\n\n<p>Reboot your Ubuntu 22.04 desktop after SSSD setup and and verify authentication.<\/p>\n\n\n\n<p>Once it boots, on the GDM login interface, click <strong>Not listed<\/strong> to enter your OpenLDAP username and password.<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/03\/ubuntu-sssd-ldap-authentication.png\" class=\"td-modal-image\"><div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1076\" height=\"816\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/03\/ubuntu-sssd-ldap-authentication.png\" alt=\"\" class=\"wp-image-11929\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/03\/ubuntu-sssd-ldap-authentication.png?v=1648228263 1076w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/03\/ubuntu-sssd-ldap-authentication-768x582.png?v=1648228263 768w\" sizes=\"(max-width: 1076px) 100vw, 1076px\" \/><\/figure><\/div><\/a><\/div>\n\n\n\n<p>Upon successful login, you land on Ubuntu 22.04 desktop.<\/p>\n\n\n\n<div><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/03\/ubuntu-sssd-authentication.png\" class=\"td-modal-image\"><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1513\" height=\"797\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/03\/ubuntu-sssd-authentication.png\" alt=\"\" class=\"wp-image-11930\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/03\/ubuntu-sssd-authentication.png?v=1648228289 1513w, https:\/\/kifarunix.com\/wp-content\/uploads\/2022\/03\/ubuntu-sssd-authentication-768x405.png?v=1648228289 768w\" sizes=\"(max-width: 1513px) 100vw, 1513px\" \/><\/figure><\/a><\/div>\n\n\n\n<p>And there you go. You have successfully installed and configured SSSD for LDAP Authentication on Ubuntu 22.04.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"related-tutorials\">Related Tutorials<\/h3>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/configure-sssd-for-openldap-authentication-on-ubuntu-18-04\/\" target=\"_blank\" rel=\"noreferrer noopener\">Configure SSSD for OpenLDAP Authentication on Ubuntu 18.04<\/a><\/p>\n\n\n\n<p><a rel=\"noreferrer noopener\" href=\"https:\/\/kifarunix.com\/install-phpldapadmin-on-centos-8\/\" target=\"_blank\">Install phpLDAPadmin on CentOS 8<\/a><\/p>\n\n\n\n<p><a rel=\"noreferrer noopener\" href=\"https:\/\/kifarunix.com\/configure-owncloud-openldap-authentication\/\" target=\"_blank\">Configure ownCloud OpenLDAP Authentication<\/a><\/p>\n\n\n\n<p><a rel=\"noreferrer noopener\" href=\"https:\/\/kifarunix.com\/configure-openldap-host-based-authentication\/\" target=\"_blank\">Configure OpenLDAP Host Based Authentication<\/a><\/p>\n\n\n\n<p><a rel=\"noreferrer noopener\" href=\"https:\/\/kifarunix.com\/how-to-create-openldap-member-groups\/\" target=\"_blank\">How to Create OpenLDAP Member Groups<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This guide will take you through how to install and configure SSSD for LDAP authentication on Ubuntu 22.04. SSSD (System Security Services Daemon) is a<\/p>\n","protected":false},"author":1,"featured_media":10441,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[121],"tags":[4742,4738,1248,4740,1131,4741,4739],"class_list":["post-11240","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-howtos","tag-configure-sssd-for-ldap-authentication","tag-install-sssd-on-ubuntu-22-04","tag-ldap-authentication","tag-openldap-client-ubuntu","tag-sssd","tag-ubuntu-22-04-openldap-client","tag-ubuntu-22-04-sssd","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/11240"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=11240"}],"version-history":[{"count":6,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/11240\/revisions"}],"predecessor-version":[{"id":20433,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/11240\/revisions\/20433"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/10441"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=11240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=11240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=11240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}