User provisioning with sssd


It is recommended that Posit Workbench’s native user provisioning capabilities be used to provision and manage users. See User provisioning for more information.

It is a common practice in Linux environments to configure sssd to fetch users and groups from an LDAP or Active Directory server to automate the creation (provisioning) of local system accounts.

In addition to user creation, sssd can also be configured to authenticate or authorize users via PAM using the pam_sss module.


nss is an older alternative to sssd that also has LDAP synchronization capabilities. However, differently from sssd, it offers no support for authentication.


When a user has an active session in Posit Workbench, changes to their local account name (username) or uid are not supported and it can lead to unexpected behaviors in Workbench.

Back to top