We have a separate daemon that renews all credentials that are in use. This requires a pam
module to register credentials for renewal. You’re welcome to use it. It’s part of our
kerberos tools at
On Aug 14, 2019, at 10:33 AM, Goetz, Patrick G
We run stock sssd on a number of Ubuntu 18.04 servers, and I have not
seen this problem. Also, I haven't done anything to the out of box DNS
configuration. The issue we run in to regularly is that Kerberos
tickets are not renewed and the machine falls out of the domain, but we
now think this might be due to a hostname capitalization problem.
On 8/13/19 11:00 AM, Charles Hedrick wrote:
> On our Ubuntu 18.04 servers, sssd won’t start. Logging shows that it can’t find any
DNS servers. Restarting sssd fixes it.
> /etc/resolv.conf is a symlink to ../run/systemd/resolve/stub-resolv.conf
> If I replace that with a hardcoded resolv.conf with the right name server, sssd comes
up. Network Manager replaces the file with a different one pointing to nameserver
127.0.0.53, but after another reboot with that file it still works.
> This happens on 4 identical servers, but not on a VM with the same OS. I assume
there’s a timing issue of some sort.
> sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
> To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
>>> This message is from an external sender. Learn more about why this <<
>>> matters at https://links.utexas.edu/rtyclf
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines