On Thu, May 09, 2013 at 04:20:43PM +0100, michael gabriel wrote:
Hi there,
We have two different ldap "accounts". One is used to get user account information and the other is used get sudo information.
Is there way to have two ldap_default_bind_dn's and ldap_default_authtok's for each of these account configured in sssd.conf.
No, currently that's not possible, sorry. The SSSD currently only keeps one connection to the LDAP server open for retrieving identity information and only performs binds to authenticate users.
Is there a reason you don't want to use the "sudo" account to read user information as well? Is only the other account permitted to read non-sudoers information?