On Sun, 11 Jun 2017, Jakub Hrozek wrote:
Oh, sure. The other alternative might be to mount the cache to tmpfs.
I'm an advocate of this method. With older versions of SSSD, against our
relatively large AD, the performance boost from running with tmpfs was
immense. This advantage has been redu
On Mon, 2017-06-12 at 09:19 +0100, John Hodrien wrote:
> On Sun, 11 Jun 2017, Jakub Hrozek wrote:
>
> > Oh, sure. The other alternative might be to mount the cache to tmpfs.
>
> I'm an advocate of this method. With older versions of SSSD, against our
> relatively large AD, the performance boost
yes, that's what i understood in the logs, the thing is that i don't know what
security filter i can add for Linux clients to be able to dowload the GPO's.
- Mail original -
De: "Michal Židek"
À: sssd-users@lists.fedorahosted.org
Envoyé: Vendredi 9 Juin 2017 11:40:55
Objet: [SSSD-users]
On Mon, Jun 12, 2017 at 08:29:29AM +, Joakim Tjernlund wrote:
> On Mon, 2017-06-12 at 09:19 +0100, John Hodrien wrote:
> > On Sun, 11 Jun 2017, Jakub Hrozek wrote:
> >
> > > Oh, sure. The other alternative might be to mount the cache to tmpfs.
> >
> > I'm an advocate of this method. With old
Hi,
For some users I experience inconsistent group membership, i.e. "getent group
G" does not list user U as a member, but "id -a U" command shows the group G.
Is that normal or a known issue?
Thanks,
Ondrej
-
The information contained in this e-mail and in any attachments is confidential
On Mon, Jun 12, 2017 at 12:20:24PM +, Ondrej Valousek wrote:
> Hi,
>
> For some users I experience inconsistent group membership, i.e. "getent group
> G" does not list user U as a member, but "id -a U" command shows the group G.
> Is that normal or a known issue?
This can be normal, dependin
Thanks,
We talk about a single nesting level so it is likely a bug.
The true is that 'id -a' always shows a correct information so this is more
like a nuisance rather than a bug affecting production.
Also sss_cache -g G does not help, but restarting sssd & delete cache does help.
Hard to replica
On Mon, 2017-06-12 at 10:29 +0200, Joakim Tjernlund wrote:
> On Mon, 2017-06-12 at 09:19 +0100, John Hodrien wrote:
> > On Sun, 11 Jun 2017, Jakub Hrozek wrote:
> >
> > > Oh, sure. The other alternative might be to mount the cache to tmpfs.
> >
> > I'm an advocate of this method. With older vers
On Mon, 12 Jun 2017, Joakim Tjernlund wrote:
hmm, isn't "offline" login creds stored here as well? Then having a RAM fs will
delete
the offline cred's each reboot. Is there a way around this?
You could sync it elsewhere on shutdown perhaps?
So far we've got away with not using tmpfs on machi
On Sun, 2017-06-11 at 20:55 +0200, Jakub Hrozek wrote:
> On Sat, Jun 10, 2017 at 07:56:47AM +, Joakim Tjernlund wrote:
> > On Sat, 2017-06-10 at 08:24 +0200, Jakub Hrozek wrote:
> > > On Fri, Jun 09, 2017 at 04:28:45PM +, Joakim Tjernlund wrote:
> > > > both 1.15.2 and git master hangs afte
On Mon, Jun 12, 2017 at 01:53:27PM +, Joakim Tjernlund wrote:
> On Sun, 2017-06-11 at 20:55 +0200, Jakub Hrozek wrote:
> > On Sat, Jun 10, 2017 at 07:56:47AM +, Joakim Tjernlund wrote:
> > > On Sat, 2017-06-10 at 08:24 +0200, Jakub Hrozek wrote:
> > > > On Fri, Jun 09, 2017 at 04:28:45PM +0
On Mon, 2017-06-12 at 16:01 +0200, Jakub Hrozek wrote:
> On Mon, Jun 12, 2017 at 01:53:27PM +, Joakim Tjernlund wrote:
> > On Sun, 2017-06-11 at 20:55 +0200, Jakub Hrozek wrote:
> > > On Sat, Jun 10, 2017 at 07:56:47AM +, Joakim Tjernlund wrote:
> > > > On Sat, 2017-06-10 at 08:24 +0200, Ja
On Mon, 2017-06-12 at 16:01 +0200, Jakub Hrozek wrote:
> On Mon, Jun 12, 2017 at 01:53:27PM +, Joakim Tjernlund wrote:
> > On Sun, 2017-06-11 at 20:55 +0200, Jakub Hrozek wrote:
> > > On Sat, Jun 10, 2017 at 07:56:47AM +, Joakim Tjernlund wrote:
> > > > On Sat, 2017-06-10 at 08:24 +0200, Ja
On Mon, 2017-06-12 at 17:32 +0200, Joakim Tjernlund wrote:
> On Mon, 2017-06-12 at 16:01 +0200, Jakub Hrozek wrote:
> > On Mon, Jun 12, 2017 at 01:53:27PM +, Joakim Tjernlund wrote:
> > > On Sun, 2017-06-11 at 20:55 +0200, Jakub Hrozek wrote:
> > > > On Sat, Jun 10, 2017 at 07:56:47AM +, Jo
On Mon, Jun 12, 2017 at 03:38:28PM +, Joakim Tjernlund wrote:
> On Mon, 2017-06-12 at 17:32 +0200, Joakim Tjernlund wrote:
> > On Mon, 2017-06-12 at 16:01 +0200, Jakub Hrozek wrote:
> > > On Mon, Jun 12, 2017 at 01:53:27PM +, Joakim Tjernlund wrote:
> > > > On Sun, 2017-06-11 at 20:55 +0200
On Mon, Jun 12, 2017 at 03:32:22PM +, Joakim Tjernlund wrote:
> On Mon, 2017-06-12 at 16:01 +0200, Jakub Hrozek wrote:
> > On Mon, Jun 12, 2017 at 01:53:27PM +, Joakim Tjernlund wrote:
> > > On Sun, 2017-06-11 at 20:55 +0200, Jakub Hrozek wrote:
> > > > On Sat, Jun 10, 2017 at 07:56:47AM +0
On Mon, Jun 12, 2017 at 03:21:43PM +, Joakim Tjernlund wrote:
> On Mon, 2017-06-12 at 16:01 +0200, Jakub Hrozek wrote:
> > On Mon, Jun 12, 2017 at 01:53:27PM +, Joakim Tjernlund wrote:
> > > On Sun, 2017-06-11 at 20:55 +0200, Jakub Hrozek wrote:
> > > > On Sat, Jun 10, 2017 at 07:56:47AM +0
On Mon, 2017-06-12 at 17:51 +0200, Jakub Hrozek wrote:
> On Mon, Jun 12, 2017 at 03:38:28PM +, Joakim Tjernlund wrote:
> > On Mon, 2017-06-12 at 17:32 +0200, Joakim Tjernlund wrote:
> > > On Mon, 2017-06-12 at 16:01 +0200, Jakub Hrozek wrote:
> > > > On Mon, Jun 12, 2017 at 01:53:27PM +, Jo
On Mon, 2017-06-12 at 17:57 +0200, Jakub Hrozek wrote:
> On Mon, Jun 12, 2017 at 03:21:43PM +, Joakim Tjernlund wrote:
> > On Mon, 2017-06-12 at 16:01 +0200, Jakub Hrozek wrote:
> > > On Mon, Jun 12, 2017 at 01:53:27PM +, Joakim Tjernlund wrote:
> > > > On Sun, 2017-06-11 at 20:55 +0200, Ja
Hi,
We recently started facing this error on all new servers that need to be
integrated with AD using SSSD. Every time “net ads join -k” command is issued,
following error is returned:
“Failed to join domain: failed to lookup DC info for domain X.Y.LOCAL' over
rpc: NT_STATUS_CONNECTION_RESET
Forgot to mention these details earlier.
OS : CentOS 6.9
Samba: samba-3.6.23-43.el6_9.x86_64
Thanks,
~ abhi
Sent from my iPhone
> On Jun 12, 2017, at 3:30 PM, Abhijit Tikekar wrote:
>
>
> Hi,
>
> We recently started facing this error on all new servers that need to be
> integrated wi
On (12/06/17 15:30), Abhijit Tikekar wrote:
>
>Hi,
>
>We recently started facing this error on all new servers that need to be
>integrated with AD using SSSD. Every time “net ads join -k” command is issued,
>following error is returned:
>“Failed to join domain: failed to lookup DC info for doma
On 12 June 2017 at 23:23, Ondrej Valousek
wrote:
> Thanks,
>
> We talk about a single nesting level so it is likely a bug.
> The true is that 'id -a' always shows a correct information so this is
> more like a nuisance rather than a bug affecting production.
> Also sss_cache -g G does not help, b
Hello,
I am running
sssd-1.13.3-22.el6_8.4.x86_64
Cheers,
Ondrej
From: Lachlan Musicman [mailto:data...@gmail.com]
Sent: Tuesday, June 13, 2017 1:15 AM
To: End-user discussions about the System Security Services Daemon
Subject: [SSSD-users] Re: Inconsistent group membership
On 12 June 2017
Ondrej,
If you have a dev server or something you can test using the latest sssd
https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-15/
I feel like we were seeing a similar issue and it was fixed in either the
1.13/1.14 or 1.14/1.15 transition.
Cheers
L.
--
"Mission Statement: To provid
25 matches
Mail list logo
