[KEYCLOAK-5600] Add information on the SSSD diagnostic tool

This commit is contained in:
Bruno Oliveira 2017-10-02 14:09:14 -03:00
parent f28537370e
commit 74d5795ad5

View file

@ -2,9 +2,9 @@
=== SSSD and FreeIPA Identity Management Integration === SSSD and FreeIPA Identity Management Integration
{project_name} also comes with a built-in https://fedoraproject.org/wiki/Features/SSSD[SSSD] (System Security Services Daemon) plugin. SSSD is part of the latest Fedora or Red Hat Enterprise Linux and provides access to multiple identity and authentication providers. It provides benefits such as failover and offline support. To see configuration options and for more information see https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System-Level_Authentication_Guide/SSSD.html[the Red Hat Enterprise Linux Identity Management documentation]. {project_name} also comes with a built-in https://fedoraproject.org/wiki/Features/SSSD[SSSD] (System Security Services Daemon) plugin. SSSD is part of the latest Fedora or Red Hat Enterprise Linux and provides access to multiple identity and authentication providers. It provides benefits such as failover and offline support. To see configuration options and for more information see https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system-level_authentication_guide/sssd[the Red Hat Enterprise Linux Identity Management documentation].
SSSD also integrates with the http://www.freeipa.org/page/Main_Page[FreeIPA identity management (IdM)] server, providing authentication and access control. For {project_name}, we benefit from this integration authenticating against http://tldp.org/HOWTO/User-Authentication-HOWTO/x115.html[PAM] services and retrieving user data from SSSD. For more information about using Red Hat Identity Management in Linux environments, see https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html[the Red Hat Enterprise Linux Identity Management documentation]. SSSD also integrates with the http://www.freeipa.org/page/Main_Page[FreeIPA identity management (IdM)] server, providing authentication and access control. For {project_name}, we benefit from this integration authenticating against http://tldp.org/HOWTO/User-Authentication-HOWTO/x115.html[PAM] services and retrieving user data from SSSD. For more information about using Red Hat Identity Management in Linux environments, see https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/index[the Red Hat Enterprise Linux Identity Management documentation].
image:{project_images}/keycloak-sssd-freeipa-integration-overview.png[] image:{project_images}/keycloak-sssd-freeipa-integration-overview.png[]
@ -134,6 +134,10 @@ For authentication with PAM {project_name} uses JNA. Be sure you have this packa
$ sudo yum install jna $ sudo yum install jna
Use `sssctl user-checks` command to validate your setup:
$ sudo sssctl user-checks admin -s keycloak
=== Configuring a Federated SSSD Store === Configuring a Federated SSSD Store
After installation, you need to configure a federated SSSD store. After installation, you need to configure a federated SSSD store.