The System Security Services Daemon (SSSD) provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides Name Service Switch (NSS) and Pluggable Authentication Modules(PAM) interfaces toward the system and a pluggable back end system to connect to multiple different account sources.
SSSD in Red Hat Enterprise Linux 5.7 includes the following notable enhancements:
ding-libs package provides utility functions to manipulate file system pathnames (
libpath_utils), a hash table which dynamically resizes to achieve optimal storage and access time properties (
libdhash), a data type to collect data in a hierarchical structure for easy iteration and serialization (
libcollection), a dynamically growing, reference-counted array (
libref_array), and a library to process configuration files in initialization format (INI) into a library collection data structure (
Added support for
Group support to the simple access provider is now supported.
A Kerberos access provider is now included to honor
Improved support for delayed online Kerberos authentication.
Significantly reduced time between connecting to a network or Virtual Private Network (VPN) and acquiring a Ticket Granting Ticket (TGT).
The new automatic Kerberos ticket renewal feature allows long-lived processes or cron jobs to function even when the user logs out.
shadow access control.
authorizedService access control.
Ability to mix-and-match LDAP access control features.
A new option, providing separate password-change LDAP servers for platforms where LDAP referrals are not supported.
Performance improvements when group processing RFC2307 LDAP servers.
A new option,
dns_discovery_domain, for better configuration when using SRV records for failover.