Ldap – Enable LDAP client in SLES 12 from command line

Tags: authentication, command-line-interface, ldap, sles

I want to enable / configure the LDAP client in SLES 12 without the use of the yast GUI. Before 12 (or 11 sp3 if I remember well) I used to do it with:

yast2 ldap configure server="myserver" base="mybase" [some other parameters]

Basically it was a configuration like in RHEL with authconfig:

authconfig --enableldap --enableldapauth --enablemkhomedir [some other parameters]

My question is:

is there a way to configure (or at least just enable) the LDAP client without any GUI interaction? I want to do it in a scripted way, after the system is installed. I don't want to go for the autoyast method.

Best Answer

So, after some research / tests I finally found out how to configure the LDAP Client on the newer SLES releases without GUI interaction.

  1. Be sure that the packages needed are installed (I use sudo with LDAP, which is why I install libsss_sudo; you don't have to install it if you don't need it).

    zypper install sssd libsss_sudo

  2. Configure PAM modules (I personally set them to create a home folder on login and set the umask for the new directory to 077)

    pam-config --add --sss && pam-config --add --mkhomedir --mkhomedir-umask=0077

  3. Disable the "old" nscd to avoid conflicts and enable sssd.

    service nscd stop && chkconfig nscd off && chkconfig sssd on

  4. Finally, edit nsswitch.conf and sssd.conf with your settings and remember to restart the sssd service.

*I used to have a problem on SLES 12 when starting the sssd service due to a socket that was left open by nscd (even though nscd was disabled / stopped). With unlink /var/run/nscd/socket I managed to fix it.
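The four steps above (plus the stale nscd socket fix) as one re-runnable script; this is an added example, not the answerer's code. The LDAP URI, base DN and CA certificate path are placeholder assumptions, and the two file helpers can be exercised against copies of nsswitch.conf and sssd.conf before the script is run with --apply on a real system.

```shell
#!/bin/sh
# Scripted steps 1-4 plus the nscd socket fix. Server, base DN and CA path are
# placeholder assumptions; override them via the environment.
set -eu
LDAP_URI="${LDAP_URI:-ldaps://ldap.example.com}"
LDAP_BASE="${LDAP_BASE:-dc=example,dc=com}"
LDAP_CACERT="${LDAP_CACERT:-/etc/ssl/certs/ldap-ca.pem}"
# sssd.conf for one LDAP domain. ldaps:// + reqcert=demand verifies the server
# cert so passwords never travel in clear; sssd requires the file to be 0600.
write_sssd_conf() {
    out="$1"; uri="$2"; base="$3"; cacert="$4"
    : > "$out"; chmod 0600 "$out"
    cat > "$out" <<EOF
[sssd]
config_file_version = 2
services = nss, pam, sudo
domains = LDAP
[domain/LDAP]
id_provider = ldap
auth_provider = ldap
sudo_provider = ldap
ldap_uri = $uri
ldap_search_base = $base
ldap_tls_reqcert = demand
ldap_tls_cacert = $cacert
EOF
}
# Add "sss" to passwd/group/shadow/sudoers in an nsswitch.conf; creates a
# missing line and never appends "sss" twice, so it is safe to re-run.
enable_sss_in_nsswitch() {
    f="$1"
    for db in passwd group shadow sudoers; do
        if ! grep -q "^$db:" "$f"; then
            printf '%s: files sss\n' "$db" >> "$f"
        elif ! grep -Eq "^$db:.*[[:space:]]sss([[:space:]]|$)" "$f"; then
            sed -i "s/^$db:.*/& sss/" "$f"
        fi
    done
}
# Steps 1-3 from the answer, the stale socket fix, then the two config files.
configure_ldap_client() {
    zypper --non-interactive install sssd libsss_sudo
    pam-config --add --sss && pam-config --add --mkhomedir --mkhomedir-umask=0077
    service nscd stop || true; chkconfig nscd off; rm -f /var/run/nscd/socket
    write_sssd_conf /etc/sssd/sssd.conf "$LDAP_URI" "$LDAP_BASE" "$LDAP_CACERT"
    enable_sss_in_nsswitch /etc/nsswitch.conf
    chkconfig sssd on && service sssd restart
}
# Only touches the live system when invoked with --apply (as root).
if [ "${1:-}" = "--apply" ]; then configure_ldap_client; fi
```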