On Sun, Mar 13, 2016 at 11:30:36PM -0400, Cyril Scetbon wrote:
Cool exactly what I've been looking for.
Thank you.
Another question relates to offline caching. I've testing it and it has been working well. However I've seen a situation where credentials are not used in offline mode. I've used iptables to simulate an unreachable ldap server by blocking port 636. Here is what I see in such a situation http://pastebin.com/q1CNzPNL It seems to retry a few time to access the ldap server and to fail without trying to use cached passwords
I don't see authentication in the logs, was this test done with pam_ldap (Please note that the cached authentication happends in the PAM responder which is only contacted with pam_sss)
On Mar 13, 2016, at 17:09, Jakub Hrozek jhrozek@redhat.com wrote:
Yes, see: https://preichl.wordpress.com/2015/07/19/authenticate-against-cache-in-sssd/ https://preichl.wordpress.com/2015/07/19/authenticate-against-cache-in-sssd/
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/admin/lists/sssd-users@lists.fedorahosted.org