> Method 3: Using SSSD (Recommended) > SSSD attempts to perform Kerberos authentication against the IdM server. > > IdM intercepts this bind request. If the user has a Kerberos principal but no > Kerberos > hashes, then the IdM identity provider generates the hashes and stores them > in the user > entry. > If authentication is successful, SSSD disconnects from IdM and tries Kerberos > authentication again. This time, the request succeeds because the hash exists > in the > entry. > > https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/... > > The description here seems to solve this problem, but is there a detailed > tutorial on how > to do it?thank you
My system is Ubuntu16.04 Freeipa4.3, because the current CA cert has expired and there are problems, it is difficult to repair, so I want to rebuild the new environment to recover the user data on the old cluster, is there any good scheme recommended?Thank you very much _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
