Create Local users after sssd+ad binding?


#1

Hi

I have miq configured with sssd with AD binding at OS level and enable external httpd auth for miq user account auto creation and password authentication.

But I found only admin is the only local supported local user. If I created local-user01 in miq GUI then this “local-user01” is expected to authenticated with remote AD server.

Is there a way to create local accounts and set local password like “admin” account ?


#2

Was wondering the same thing just yesterday. Tried to create a local account but didn’t see any way of setting a local password for the user.


#3

If you have an appliance in the region which is not configured for external authentication you can create local users including password there, and log in there with local users (only).


#4

@jcutter

I have two worker miq instances in a region.
r2wk01 is configured with external httpd and while r2wk02 is using local database for authentication(for this test).

I was able to create local account and set local password from r2wk02 and see local account got displayed on r2wk01. But r2wk01’s authentication setting got switched over to local Database also. Since bother wk01 and wk02 are connected to same PG db.

The ideal case will be allowing us to set local db as first and then then check remote AD as IDM sources.

Let me know if I need to open up a RFE request.