Photon OS 5.0 and sssd

[MAHDTech]

Is your feature request related to a problem? Please describe.

I'm looking for some documentation on how to connect Photon OS 5.0 to Active Directory.

Now that likewise is removed, is sssd the preferred option?

Describe the solution you'd like

A wiki page with some tips on sssd and how to configure pam for ssh and console logins.

Describe alternatives you've considered

Red Hat and Canonical documentation gets close, but seems I'm missing some steps that are Photon specific.

Additional context

No response

[MAHDTech]

Is it possible to get realm added as a package in PhotonOS, would make this process much easier.

[novaksam]

I'm observing that access_provider doesn't appear to work at all on photon, so yeah, we need some help.

[novaksam]

Ok, figured out my issue.

default /etc/pam.d/system-account

# Begin /etc/pam.d/system-account
account   sufficient    pam_unix.so
account   [default=bad success=ok user_unknown=ignore] pam_sss.so
# End /etc/pam.d/system-account

fixed /etc/pam.d/system-account (tweaked based on centos pam files)

# Begin /etc/pam.d/system-account
account   required    pam_unix.so
account   sufficient    pam_localuser.so
account   sufficient    pam_usertype.so issystem
account   [default=bad success=ok user_unknown=ignore] pam_sss.so
account   required      pam_permit.so
# End /etc/pam.d/system-account