sssd cache_credentials

Comments 2

I recently configured a few RHEL hosts as ldap clients. I am trying to understand how cache_credentials.
[1] what is the default value or how wrong do cached credentials take to expire
[2]what happens incase of a network problem or server is down. would a user be allowed login?
[3] Can I modify the cache_credentials defaults values

thanks
SK

Started 2014-07-31T20:43:20+00:00 by

Stephen Karanja

Newbie 11 points

Responses

Guru 6863 points

31 July 2014 10:13 PM

james.radtke@siriusxm.com

Community Leader

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/about-sssd.conf.html

We modify our SSSD configuration from the defaults as part of the kickstart/bootstrap process (so, I can't answer what the default value is).

I recommend reading the SSSD documentation so that you have a fairly solid understanding of each of the components involved and how they impact the "big picture" (i.e. pam, nsswitch, etc..)

Here is the documentation regarding some of the default values:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/Configuration_Options-NSS_Configuration_Options.html

PS Guru 6494 points

1 August 2014 3:51 AM

PixelDrift.NET Support

Community Leader

man sssd.conf

Will answer your questions.

1) cache_credentials is off by default
2) yes
3) yes

Take a look at options:
cache_credentials
account_cache_expiration
offline_credentials_expiration

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

Responses