On Wed, Oct 31, 2018 at 08:20:55PM +, Jay McCanta wrote:
> Yes. Kinit -R renews the ticket (if it hasn't expired).
OK, can you attach a snippet of the logs? I thiknk the domain log and
the krb5_child.log are the most important.
___
sssd-users
Yes. Kinit -R renews the ticket (if it hasn't expired).
-Original Message-
From: Jakub Hrozek
Sent: Wednesday, October 31, 2018 12:25 PM
To: sssd-users@lists.fedorahosted.org
Subject: [SSSD-users] Re: Ubuntu Bionic - sssd 1.16.1 - kerberos ticket not
renewing
EXTERNAL MAIL:
On Fri, Oct 19, 2018 at 12:26:28AM -0400, TomK wrote:
> Does SSSD allow setting quotas for existing or newly authenticated users?
No. We've talked with the systemd developers about the possibility of
sssd fetching cgroups limits from LDAP and passing them on to
pam_systemd.so to set limits on
On Wed, Oct 31, 2018 at 07:19:44PM +, Jay McCanta wrote:
> I have a new server running Ubuntu Bionic (18.04.01) with sssd
> 1.16.1-1ubuntu1. The problem is that our Kerberos tickets are not being
> renewed while we are logged in. I have tried using FILE and KEYRING
> credential caches.
I have a new server running Ubuntu Bionic (18.04.01) with sssd 1.16.1-1ubuntu1.
The problem is that our Kerberos tickets are not being renewed while we are
logged in. I have tried using FILE and KEYRING credential caches. SSH has
Kerberos disabled, GSSAPI disabled, and is configured to use
You could expire the account, and not the password. Not the most elegant
way, but I could not find any other way to implement password expiry. I
did try it a while back on a much older version, so I can't tell if
latest code still supports it. All I needed to have in OpenLDAP is
shadowExpire
On 10/31/18 3:26 PM, Bartłomiej Solarz-Niesłuchowski wrote:
> On my network we use ldap to "aging" password.
>
> Every user is definied in ldap server (openldap) with 5 attributes:
>
> shadowLastChange: 15308
> shadowInactive: 30
> shadowMin: 0
> shadowMax: 120
> shadowWarning: 30
The
Dear List,
On my network we use ldap to "aging" password.
Every user is definied in ldap server (openldap) with 5 attributes:
shadowLastChange: 15308
shadowInactive: 30
shadowMin: 0
shadowMax: 120
shadowWarning: 30
the sssd uses 6 attributes:
shadowLastChange
shadowMin