Hi,
On Thu, Jul 7, 2022 at 12:14 PM Fisher, Philip <phil.fisher(a)dxc.com> wrote:
Hi SSSD experts
I have tried examining various documentation and man pages but I am unable
to determine the answer. Specifically, for security reasons, we require
user on our Linux servers to login via AD credentials only (unless they are
a specific local user). In particular, if the provider is offline/not
available (in this case an AD server/servers) then login should fail.
Sounds like `cache_credentials = false`? (see `man sssd.conf`)
I thought it would be possible by setting various "cache" parameters but
the documentation suggests that zero (0) is not a useful value.
So, can this be done? And if so, how? And if I missed some simple thing
in the documentation a reply pointing me to said documentation would be
acceptable :-).
Thanks.
Phil
--
Phil J Fisher
UNIX Technology Consultant
DXC Technology Company -- This message is transmitted to you by or on
behalf of DXC Technology Company or one of its affiliates. It is intended
exclusively for the addressee. The substance of this message, along with
any attachments, may contain proprietary, confidential or privileged
information or information that is otherwise legally exempt from
disclosure. Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient of this message, you are
not authorized to read, print, retain, copy or disseminate any part of this
message. If you have received this message in error, please destroy and
delete all copies and notify the sender by return e-mail. Regardless of
content, this e-mail shall not operate to bind DXC Technology Company or
any of its affiliates to any order or other contract unless pursuant to
explicit written agreement or government initiative expressly permitting
the use of e-mail for such purpose.
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure