Linux – sss_useradd vs useradd with SSSD

active-directory linux redhat sssd users

I am currently using sssd to authenticate users to Active Directory. However, I still need to be able to add local users. I noticed SSSD has a local provider and also has a tool to add local users to the cache through sss_useradd. But through my testing, it would appear using useradd works fine and doesn't cause issues with SSSD, provided the user GID/UID and id don't exist.

My question is, can anyone provide me a reason to use sss_useradd and local provider over useradd? Using SSSD, if the cache is purged, won't that mean users are deleted? At least with useradd, those users will survive if sssd cache is purged. Thanks

Best Answer

(sssd developer here) The local provider has a bit of a history: we wanted to use it to replace the traditional files store with one that supports nested groups or custom attributes, but then we never actually got around to implementing the provider fully. And we're working on augmenting the files store now instead of replacing it.

I would say right now the local provider is mostly useful for testing. The only feature atop the files store you might be interested in is support for nested groups, but otherwise, treat it as an experimental feature.
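
The question notes that plain useradd coexists with SSSD as long as the name, UID and GID are not already taken. One way to check that before creating the account, as an added example that is not part of the original question or answer; `check_local_id` and the `LOOKUP` override are names made up for this example:

```shell
#!/bin/sh
# Added example: pre-flight check before running useradd on a host where SSSD
# also serves identities through NSS.
# LOOKUP is an assumption of this example: it defaults to getent and can be
# pointed at a stub so the check can be exercised without a directory.
LOOKUP=${LOOKUP:-getent}

# check_local_id NAME UID GID
# Prints every conflict found; returns 1 if any exist, 0 if all are free.
check_local_id() {
    name=$1
    uid=$2
    gid=$3
    rc=0

    # getent asks every source listed in nsswitch.conf (files, sss, ...), so a
    # hit may be an AD identity delivered by SSSD, not an /etc/passwd entry.
    if entry=$("$LOOKUP" passwd "$name"); then
        echo "user name '$name' already resolves: $entry"
        rc=1
    fi
    if entry=$("$LOOKUP" passwd "$uid"); then
        echo "UID $uid already resolves: $entry"
        rc=1
    fi
    if entry=$("$LOOKUP" group "$name"); then
        echo "group name '$name' already resolves: $entry"
        rc=1
    fi
    if entry=$("$LOOKUP" group "$gid"); then
        echo "GID $gid already resolves: $entry"
        rc=1
    fi
    return $rc
}

# Stand-alone use: ./check_local_id.sh NAME UID GID
if [ "$#" -eq 3 ]; then
    check_local_id "$@" || exit 1
fi
```

Run it with the values you intend to pass to `useradd -u` and `-g`; a non-zero exit means a name or numeric ID is already answered by some NSS source, SSSD included.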