No pam_ldap was disabled Cyril Scetbon
> On Mar 14, 2016, at 4:18 AM, Jakub Hrozek <[email protected]> wrote: > >> On Sun, Mar 13, 2016 at 11:30:36PM -0400, Cyril Scetbon wrote: >> Cool exactly what I've been looking for. >> >> Thank you. >> >> Another question relates to offline caching. I've testing it and it has been >> working well. However I've seen a situation where credentials are not used >> in offline mode. >> I've used iptables to simulate an unreachable ldap server by blocking port >> 636. >> Here is what I see in such a situation http://pastebin.com/q1CNzPNL >> It seems to retry a few time to access the ldap server and to fail without >> trying to use cached passwords > > I don't see authentication in the logs, was this test done with pam_ldap > (Please note that the cached authentication happends in the PAM > responder which is only contacted with pam_sss) > >> >>> On Mar 13, 2016, at 17:09, Jakub Hrozek <[email protected]> wrote: >>> >>> Yes, see: >>> >>> https://preichl.wordpress.com/2015/07/19/authenticate-against-cache-in-sssd/ >>> >>> <https://preichl.wordpress.com/2015/07/19/authenticate-against-cache-in-sssd/> > >> _______________________________________________ >> sssd-users mailing list >> [email protected] >> https://lists.fedorahosted.org/admin/lists/[email protected] > _______________________________________________ > sssd-users mailing list > [email protected] > https://lists.fedorahosted.org/admin/lists/[email protected] _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
