> > > SLE342

Administering SSSD on SUSE Linux Enterprise Server 12 (SLE342)


Course Overview

This new 2 day course covers covers the System Security Service Daemon (SSSD) as deployed on the SLES 12 platform. The SSSD, designed for and available for nearly all Linux distributions, is fast becoming the Linux server authentication framework of choice. Comprehensive documentation and technical instruction on the concepts, use cases and deployment techniques for system administrators is still difficult to obtain. This course attempts to do just that.

Who should attend

The course is ideal for system administrators and consultants who need to:

  • Better understand the use case of the SSSD and it’s features
  • Deploy new systems using the SSSD
  • Migrate from legacy PAM LDAP or PAM LDAP/Kerberos configurations
  • More tightly integrate Linux systems into Active Directory environments
  • Assess environment design choices, SSSD best practices and administration


Attendees should have familiarity with the Command Line, Linux System Administration skills and attention to details. SUSE Certified Administrator (SCA) in Enterprise Linux or SUSE Certified Linux Engineer (SCE) in Enterprise Linux certification or level of experience recommended.

Course Objectives

During this course you will learn to :

  • Understand the architecture and functionality of the SSSD
  • Implement the SSSD with common identity providers
  • Secure and optimize the SSSD

Course Content

  • SECTION 1: The features, architecture and requirements of the SSSD
  • SECTION 2: Testing time synchronisation and DNS services
  • SECTION 3: Implement and test the openLDAP client
  • SECTION 4: Install required software (SSSD LDAP/LOCAL providers)
  • SECTION 5: Implement and test the SSSD LDAP providers
  • SECTION 6: Implement and test the SSSD LOCAL providers
  • SECTION 7: Tuning the SSSD configurations and security
  • SECTION 8: Install required software (SSSD Kerberos providers)
  • SECTION 9: Implement and test the SSSD LDAP/Kerberos providers
  • SECTION 10: Joining the Active Directory domain
  • SECTION 11: Implement and test the Linux Kerberos client
  • SECTION 12: Implement and test the openLDAP client (GSSAPI)
  • SECTION 13: Implement and test the SSSD LDAP/Kerberos providers
  • SECTION 14: Tuning the SSSD configurations and security
  • SECTION 15: Using the SSSD tools and utilities
  • SECTION 16: Review the SSSD cache files and records (optional)
  • SECTION 17: Install required software (SSSD AD providers)
  • SECTION 18: Implement and test the SSSD AD providers
  • SECTION 19: Changing between mapped and non-mapped configs
  • SECTION 20: Tuning the SSSD configurations and security
  • SECTION 21: Implement and test autofs maps and caching
  • SECTION 22: Implement and test sudo rules and caching
Classroom Training
Modality: C

Duration 2 days

Click on town name to book Schedule

Currently no local training dates available.  For enquiries please write to info@fastlane.si.

21/10/2019 - 22/10/2019 Frankfurt Enroll
18/11/2019 - 19/11/2019 Hamburg Enroll
09/12/2019 - 10/12/2019 Stuttgart Enroll
20/01/2020 - 21/01/2020 Düsseldorf Enroll
17/02/2020 - 18/02/2020 Munich Enroll
07/10/2019 - 08/10/2019 Milan Enroll
18/11/2019 - 19/11/2019 Rome Enroll