On Thu, Jul 09, 2020 at 03:09:05PM +0200, Nicolas Martin wrote:
Hello,
Using sssd with credentials caching, I encounter the following problem:
When the 389 server is offline, users with cached credentials can login;
users without cached credentials cannot login (normal behavior)
When the 389 server comes back online, users with cached credentials can
login; users without cached credentials still cannot login.
Only restarting the sssd service will allow users without cached
credentials to login.
Is there a timeout to configure or any setting in sssd configuration ?
Hi,
by default SSSD checks once a minute if the server is available again,
please see 'offline_timeout' in man sssd.conf for details.
HTH
bye,
Sumit
I'm using sssd-1.16.2-13.el7_6.8.x86_64 (RHEL 7U6).
I have the following configuration:
[domain/default]
cache_credentials = True
ldap_search_base = dc=XXX
krb5_realm =
EXAMPLE.COM
krb5_server =
kerberos.example.com
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
ldap_uri = ldaps://YYY
ldap_tls_cacertdir = /etc/openldap/cacerts
[sssd]
services = nss, pam
config_file_version = 2
domains = default
[nss]
[pam]
[sudo]
[autofs]
[ssh]
[pac]
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...