问题描述
显然,authselect已取代CentOS 8.2上的authconfig。以前,在CentOS 7上,安装
yum install -y openldap openldap-clients nss-pam-ldapd
配置/etc/nsswitch.conf和/etc/openldap/ldap.conf并运行
authconfig --enableldap --enableldapauth --ldapserver=xx.xx.xx.xx --ldapbasedn="dc=example,dc=com" --enablemkhomedir --update
将保证“ ldapsearch -x”正常工作。 CentOS 8.2并非如此。
# authconfig --enableldap --enableldapauth --ldapserver=xx.xx.xx.xx --ldapbasedn="dc=example,dc=com" --enablemkhomedir --update
Running authconfig compatibility tool.
The purpose of this tool is to enable authentication against chosen services with authselect and minimum configuration. It does not provide all capabilities of authconfig.
IMPORTANT: authconfig is replaced by authselect,please update your scripts.
See man authselect-migration(7) to help you with migration to authselect
Executing: /usr/bin/authselect check
Executing: /usr/bin/authselect current --raw
Executing: /usr/bin/authselect select sssd with-mkhomedir --force
Executing: /usr/bin/systemctl enable sssd.service
Executing: /usr/bin/systemctl stop sssd.service
Executing: /usr/bin/systemctl start sssd.service
Executing: /usr/bin/systemctl enable oddjobd.service
Executing: /usr/bin/systemctl stop oddjobd.service
Executing: /usr/bin/systemctl start oddjobd.service
# ldapsearch -x
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
谷歌搜索我缺少的内容或如何将authconfig转换为authselect并没有帮助。
解决方法
显然,RedHat不能替代旧的 authconfig 命令,但是您仍然可以手动配置LDAP,src:https://access.redhat.com/discussions/4271752