我们有可信域(默认域:example.com 和可信域:test.com)用户无法使用 SSSD 登录 SLES 15 用户。这是创建的配置文件 sssd.conf
[sssd]
config_file_version = 2
services = nss, pam
domains = example.com, test.com
debug_level = 9
[nss]
[pam]
[domain/example.com]
ad_domain = example.com
krb5_realm = EXAMPLE.COM
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = False
use_fully_qualified_names = False
fallback_homedir = /home/%u
access_provider = ad
simple_allow_groups = hecad
auto_private_groups = false
ldap_user_gecos = mail
debug_level = 9
[domain/test.com]
ad_domain = test.com
krb5_realm = TEST.COM
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = False
use_fully_qualified_names = False
fallback_homedir = /home/%u
access_provider = ad
simple_allow_groups = trust_group
auto_private_groups = false
ldap_user_gecos = mail
debug_level = 9
请让我知道,在 SLES 15 操作系统中使用 sssd 支持多个 AD 林的任何解决方案