This article applies to Bright 8.2 and later releases
If another authentication mechanism is to be used, SSSD for example, NSLCD will need to be disabled within Bright.
In Bright 8.2 and later releases, the nslcd service is inherited by a special in-built role, which isn’t exposed in BrightView or cmsh. That is what re-installs the nslcd package for example.
You can remove/disable the nslcd role with an option in AdvancedConfig. In /cm/local/apps/cmd/etc/cmd.conf on both headnodes and compute nodes.
Add the following line:
AdvancedConfig = { “RoleService.nslcd=0” }
Please note you should only have one entry for AdvancedConfig, however, these options can be combined with:
AdvancedConfig = { “<key1>=<value1>”, “<key2>=<value2>”, … }
Once the above line is added, please restart the cmd service.
# service cmd restart
# systemctl restart cmd
At this point, you may either remove the service from the headnode and compute nodes…
# cmsh
% device use bright82
% services
% remove nslcd
% commit
% foreach -n node001..node020 (services; remove nslcd)
% commit
(Without the RoleService.nslcd=0 you would normally receive a warning)
Or the alternative is to disable the service autostart and monitoring on the headnode and compute nodes as follows:
# cmsh
% device use master
% services
% use nslcd
% set autostart no
% set monitored no
% commit
For compute nodes, this could be done with a foreach and -n for the node range, or -c for the category
# cmsh
% device
% foreach -n node001..node020 (services; use nslcd; set autostart no; set monitored no)
OR
% foreach -c default (services; use nslcd; set autostart no; set monitored no)
% commit