Tried following the instructions here -> https://www.novell.com/support/kb/doc.php?id=7014572

No luck. Got it to run without errors, but getent never returned anything from AD - only from "files".

So, using realmd I configured sssd on a Centos 7 vm. With some help from our Windows people, got it to work. Copied the sssd.conf, krb5.conf, and krb5.keytab to a fresh sles11.4 vm that has the same name as the Centos vm. sssd fails complaining that /usr/lib64/sssd/libsss_ad.so does not exist. Sigh.

Does sssd actually work in sles11sp4? We need AD with Kerberos, real UID/GIDs, netgroups, and auto-mounted homedirs for this to be a success.

Here's the realmd generated sssd.conf:

[sssd]
domains = fnc.fakename.com
default_domain_suffix = FNC.FAKENAME.COM
config_file_version = 2
services = nss, pam

[domain/fnc.fakename.com]
ad_domain = fnc.fakename.com
debug_level = 9
krb5_realm = FNC.FAKENAME.COM
realmd_tags = manages-system joined-with-samba
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = False
use_fully_qualified_names = True
fallback_homedir = /home/%u@%d
access_provider = ad

And the krb5.conf:

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_ccache_name = KEYRINGersistent:%{uid}