On Thu, Aug 09, 2018 at 10:06:52AM -0700, Andre Piwoni wrote:
> There does not seem to be much documentation how to make
> authentication work without any extras. All I need is a simple
> non-anonymous bind using provided credentials without any searches. My
> understanding is that I don't need
>
> Thank you for figuring out the linker option which caused the issue and
> for the suggestions.
>
> I've opened https://pagure.io/SSSD/sssd/issue/3801 to track the issue
> and also created https://github.com/SSSD/sssd/pull/632.
Thanks. I commented in the PR. The test now passes on Ubuntu with
There does not seem to be much documentation how to make
authentication work without any extras. All I need is a simple
non-anonymous bind using provided credentials without any searches. My
understanding is that I don't need NSS for this only PAM with
auth_provider set to ldap. However, without
On Tue, Aug 07, 2018 at 10:38:59PM +0200, Lukas Slebodnik wrote:
> On (07/08/18 15:48), Andreas Hasenack wrote:
> >On Tue, Aug 7, 2018 at 10:19 AM Sumit Bose wrote:
> >>
> >> > But something is still unexplained: the same test works just fine in
> >> > debian, and doesn't try to connect to that
On 8/9/18 11:50 AM, q8ztv...@posteo.de wrote:
We are deploying SSSD for authentication with an LDAP backend, and we
are getting pushback from our Security colleagues about using SSSD to
cache user credentials..
I would like to have some documentation to show them how this cache is
kept
Hello K.,
SSSD implements 2 different caching options, one to allow offline
logins, and one to allow to grab a kerberos ticket after offline login,
once a KDC is reachable, this second option is krb5 specific.
To allow offline logins, after a successful authentication attempt
against a remote
I would recommend your security department to instead of focusing on Linux/SSSD
to take a look at Windows/lsass - Windows is caching user credentials as well
and it's not a problem for them?
O.
-Original Message-
From: q8ztv...@posteo.de [mailto:q8ztv...@posteo.de]
Sent: Thursday,
Hello!
We are deploying SSSD for authentication with an LDAP backend, and we
are getting pushback from our Security colleagues about using SSSD to
cache user credentials..
I would like to have some documentation to show them how this cache is
kept secure...where can I find information to