Changing Existing Profiles

Adapt an existing profile to suit the authentication needs of the organization.

Profiles use settings stored in the /etc/nsswitch.conf file to enforce authentication and you can change these settings to customize authentication. For more information on the format and content of this file, view the man page:

 man 5 nsswitch.conf

Don't edit /etc/nsswitch.conf directly. Instead, specify the new configuration settings in the /etc/user-nsswitch.conf file.

Use this file to

Ensure that the profile you want to change is the active profile. If required, select the profile to make it the current profile. For example:
```
sudo authselect select sssd
```
Edit the /etc/authselect/user-nsswitch.conf file with the new configuration settings.

Typically, this involves specifying the order and types of sources (such as files, sss, ldap, or dns) used for system databases such as passwd, group, or hosts to control where user, group, and host information is retrieved from.
Note:

Don't try to change any of the following configurations in the file. If you do, they're ignored:
- passwd
- group
- netgroup
- automount
- services
Apply the changes.
```
sudo authselect apply-changes
```
This step applies the changes in the /etc/authselect/user-nsswitch.conf file to the /etc/nsswitch.conf file and affects the active profile.

Important:

If the system is part of an environment that uses either Identity Management or Active Directory, don't use authselect to manage authentication. When the host is made to join either Identity Management or Active Directory, their respective tools take care of managing authentication.