Am Tue, Sep 24, 2024 at 08:05:58AM +0200 schrieb Harald Dunkel via FreeIPA-users: > On 2024-09-23 13:15:47, Sumit Bose via FreeIPA-users wrote: > > > > by default SSSD tries to do online authentication as long as SSSD is > > online, i.e. can reach the server. This behavior can be changed with the > > `cached_auth_timeout` option which allows SSSD to used the stored > > password hash for authentication for the time given with the option, see > > man sssd.conf for details. Did you, by chance, use this option in > > sssd.conf? > > > > No, cached_auth_timeout is not set. I am not sure if it is relevant > here, since the user cannot login using his new password. The > cached_auth_timeout seems to be important *after* login for reauthen- > tication.
Hi, then I think we need SSSD debug logs covering a failed login attempt. bye, Sumit > > > Regards > > Harri > -- > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
