Hello Everyone, Is there a flag to disable all caching in sssd? I know we shouldn't disable the various caches. However, I'm working on isolating a problem we're seeing between our firewall and AD.
The firewall has a plugin that monitors AD for session information. When a login occurs, the firewall is supposed to see that and then allow the user to login to hosts inside of a protected network. We have a trust between AD and IPA. Logins to the IPA enrolled server with an AD account always works. But, quite often login from that host to a host inside the protected network fails. When we look on the firewall for live sessions, no session info for that user is found. Obviously, that's why the firewall blocked access. My hunch is one or more of sssd's caching parameters is/are the source of the issue. Thus, I'm wondering if there's a way to quickly disable the caching. Thanks, -- Ranbir _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
