On Sun, Mar 13, 2016 at 11:30:36PM -0400, Cyril Scetbon wrote: > Cool exactly what I've been looking for. > > Thank you. > > Another question relates to offline caching. I've testing it and it has been > working well. However I've seen a situation where credentials are not used in > offline mode. > I've used iptables to simulate an unreachable ldap server by blocking port > 636. > Here is what I see in such a situation http://pastebin.com/q1CNzPNL > It seems to retry a few time to access the ldap server and to fail without > trying to use cached passwords
I don't see authentication in the logs, was this test done with pam_ldap (Please note that the cached authentication happends in the PAM responder which is only contacted with pam_sss) > > > On Mar 13, 2016, at 17:09, Jakub Hrozek <[email protected]> wrote: > > > > Yes, see: > > > > https://preichl.wordpress.com/2015/07/19/authenticate-against-cache-in-sssd/ > > > > <https://preichl.wordpress.com/2015/07/19/authenticate-against-cache-in-sssd/> > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/admin/lists/[email protected] _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
