This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
SSSD
SSSD

Version management

Difference between version and

At line 1 added 27 lines
!!! Overview
[{$pagename}], System Security Services Daemon, is a system daemon.
[{$pagename}] primary function is to provide access to identity and authentication remote resource through a common framework that can provide caching and offline support to the system. It provides PAM and NSS modules, and in the future will D-BUS based interfaces for extended user information. [{$pagename}] provides also a better database to store local users as well as extended user data.
%%information
The SSSD is used only with Redhat systems as far as we know.
%%
!! Using [NSCD] with SSSD
[{$pagename}] is not designed to be used with the [NSCD] daemon. Even though SSSD does not directly conflict with NSCD, using both services can result in unexpected behavior, especially with how long entries are [cache]d.
The most common evidence of a problem is conflicts with NFS. When using Network Manager to manage network connections, it may take several minutes for the network interface to come up. During this time, various services attempt to start. If these services start before the network is up and the DNS servers are available, these services fail to identify the forward or reverse DNS entries they need. These services will read an incorrect or possibly empty resolv.conf file. This file is typically only read once, and so any changes made to this file are not automatically applied. This can cause NFS locking to fail on the machine where the NSCD service is running, unless that service is manually restarted.
To avoid this problem, enable caching for hosts and services in the /etc/nscd.conf file and rely on the SSSD cache for the passwd, group, and netgroup entries.
Change the /etc/nscd.conf file:
{{{
enable-cache hosts yes
enable-cache passwd no
enable-cache group no
enable-cache netgroup no
}}}
With NSCD answering hosts requests, these entries will be [cache]d by [NSCD] and returned by [NSCD] during the boot process. All other entries are handled by SSSD.!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [https://fedorahosted.org/sssd/|https://fedorahosted.org/sssd/|target='_blank'] - based on 2013-04-24
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop