That sounds like a much better idea! Thanks for pointing that out.
On Fri, 2017-11-17 at 20:52 +0100, Jakub Hrozek wrote:
> On Fri, Nov 17, 2017 at 07:43:15PM +, Mark Ignacio wrote:
> > Hey folks,
> >
> > During an internal reliability test, we recently found out that
> >
On Fri, Nov 17, 2017 at 07:43:15PM +, Mark Ignacio wrote:
> Hey folks,
>
> During an internal reliability test, we recently found out that
> /var/lib/sss/pubconf/kdcinfo.${REALM} stays static even when the IP
> cached there is unreachable or down. During the test, kinit failed
> consistently
Hey folks,
During an internal reliability test, we recently found out that
/var/lib/sss/pubconf/kdcinfo.${REALM} stays static even when the IP
cached there is unreachable or down. During the test, kinit failed
consistently for those unfortunate to have a bad KDC cached.
I found this draft
On Tue, Oct 31, 2017 at 10:57:23AM -0600, Jeff Sadowski wrote:
> (Tue Oct 31 10:16:44 2017) [sssd[be[mind.unm.edu]]] [ad_sasl_log]
> (0x0040): SASL: GSSAPI Error: Unspecified GSS failure. Minor code may
> provide more information (Server not found in Kerberos database)
> (Tue Oct 31 10:16:44
On Wed, Oct 25, 2017 at 03:43:14PM +0200, Jeremy Monnet wrote:
> Hi,
>
> On Tue, Oct 24, 2017 at 10:03 PM, Jakub Hrozek wrote:
>
> > >
> > > On these 2 servers, authentication works for testu...@sub1.example.com.
> > I
> > > can authenticate with my_u...@example.com on the
I'm sorry for the late reply, but we've all been busy finishing work on
a RHEL update.
On Mon, Oct 23, 2017 at 10:29:13AM +0200, Jeremy Monnet wrote:
> Hi,
>
> I am trying to setup an authentication against Active Directory, with
> multiple domains, and I haven't been able to find the
On Thu, Nov 02, 2017 at 07:06:59PM +0100, Stefan Kania wrote:
> Am 02.11.2017 um 17:00 schrieb Mario Rossi:
> > If using own objectclass, I would think you will use custom attributes ?
> >
> > ldap_group_member = *hMemberDN*
> > ldap_user_member_of = *description*
>
> This is what I did now.