Hi,
the attached patches implement fetching the keytab for one-way trusts on each sssd restart. This is in order for an admin to be able to call service sssd restart and have fresh keytabs in case the trust was re-established in the meantime.
Even though retrieving the keytabs is quite an expensive operation, restarting the sssd instance on the IPA server should be quite rare.