On 7/29/20 5:27 PM, xcor...@gmail.com wrote:
I've been using sssd + AD to do auth for a few years now. Offline
authentication is enabled and works normally. In that time I've upgraded my
Ubuntu laptop several times, and each time I noticed that after the update, I
cannot log in unless I'm on the corp network with direct access to AD. That
hasn't really been a problem until now. I'm working from home over vpn all the
time and don't have to option of going in to get on the corp network.
I know the workaround is to use a local account, get on the VPN, authenticate with
my AD account and populate the cache, but IT doesn't like me creating local users
and it's a pain. I haven't tried the latest update yet (19.10 -> 20.04, sssd
currently 2.2.0).
Since something in the upgrade process is presumably destroying the cache, I was
wondering if there's a "nice" way around this? Ubuntu upgrades for sssd seem
like they're just upgrading sssd via apt, so I'm wondering why these major updates seem
to operate differently from minor ones, and if that's intentional.
SSSD itself certainly does not destroy any cached content during
updates. We takes lots of care to keep the cache working. Even if we did
some incompatible changes in the cache format we just update it first
time SSSD is run and no data is thrown away.
Is it possible that Ubuntu removes the old cache as part of the upgrade
process?
_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org