On Thu, Jul 25, 2013 at 06:01:09PM +0000, Licause, Al (CSC AMS BCS - UNIX/Linux Network Support) wrote: > Is that to say that when using this under RHEL v6.3 in which we use sssd to > authenticate the user > and then /etc/sudo-ldap.conf to affect the sudo commands, there is no caching > ?
There is no caching of *sudo rules*. Caching of the user and his credentials is still available. > > And are you also stating that this should work w/o sssd and just the > combination of /etc/ldap.conf > and /etc/sudo-ldap.conf ? Define "this". You still need something to read the user identities with, be it sssd, nss-pam-ldapd or something completely different. sudo can't do it by itself. > > If so, I'm confused because everything I've read states that ldap.conf is no > longer used in RH V6 > or at least 6.3 and beyond. I can not get authentication to work with > ldap.conf along having > shutdown sssd. > On 6.3, the alternative to SSSD for user and group lookups is nss-pam-ldapd. Just configuring ldap.conf is not enough. > But I can understand that if a utility outside of sssd is necessary to get > sudo working for ldap > users, that caching is disabled for that function. Am I correct in my > assumptions ? > Correct. _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
