When I login with smartcard and SSSD is offline, for example if I am at home, I will of course not get a TGT. But when SSSD goes online (via VPN), I would like to automatically get a TGT. I can't get this to work with smartcard auth - is this possible? I'm testing on RHEL8 beta.
Regards Adam Winberg
On Mon, Feb 25, 2019 at 10:41:19AM +0100, Winberg, Adam wrote:
When I login with smartcard and SSSD is offline, for example if I am at home, I will of course not get a TGT. But when SSSD goes online (via VPN), I would like to automatically get a TGT. I can't get this to work with smartcard auth - is this possible? I'm testing on RHEL8 beta.
This is currently not implemented, but it would of course be possible to implement it.
Since the Smatcard must be present when trying to request a TGT I wonder what would be the best way to handle failures if the card is not present when SSSD goes online. Just fail or try again later in the hope that the card is inserted in the meantime?
While it would be more comfortable to let SSSD automatically request the ticket a workaround with a graphical session might be to switch on the screen lock with Meta-L and unlock it to get a TGT.
bye, Sumit
Regards Adam Winberg
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o...
sssd-users@lists.fedorahosted.org