On 7/23/20 5:57 AM, Jonathon Anderson wrote:
I'm working a RHEL7.6 case (02704264, if that's useful to anyone) where the tech is claiming that our domain setup of id_provider=ldap with auth_provider=proxy doesn't work. This is counter to our past and current experience, but I'm afraid of this being a red herring that will block us from troubleshooting the hanging issue we're experiencing.
The tech is citing table 7.1 at https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm..., which lists "Available Combinations of Identity and Authentication Providers" and, since this combination isn't listed, they're saying this combination doesn't work.
We use auth_provider=proxy to dispatch auth through a Duo authentication proxy.
Can someone confirm whether there's any reason this shouldn't work? Again, it *does* work, but we're experiencing a failure mode where sssd becomes unresponsive after some time or event, as yet undetermined.
Thanks for your help.
I don't think there is anything that prevents this combination to work.
But it may be unsupported. untested combination from RHEL perspective.