On Thu, May 18, 2017 at 11:40:18AM -0400, Striker Leggette wrote:
> I can understand the first unlock from waking up from sleep. For the
> second, bump your debug_level in sssd.conf up to 7 and then check to see if
> you have any "Got request" lines in /var/log/sssd/sssd_domain.log for the
> second login attempt from the lock screen. You should be able to see if it
> is using cached creds or actively trying to parse the domain server.
>
> Can you paste your sssd.conf also?
In addition, one more question:
- when you unlock after wakeup, is the Kerberos server reachable or
do you e.g. first need to connect to a VPN to be able to reach the
server?
>
>
> On 05/18/2017 10:58 AM, Joakim Tjernlund wrote:
> > Sequence:
> >
> > login into MATE or Plasma
> > suspend to ram
> > wait until krbtgt expires
> > wakeup computer
> > unlock screen
> > klist will show the old expired ticket.
> >
> > lock/unlock screen again(well after networking is up)
> > klist still shows the old ticket.
> >
> > No SSO/NFS possible until manually doing a kinit to get a fresh ticket
> >
> > Anyone else see this?
> >
> > Jocke
> > _______________________________________________
> > sssd-users mailing list -- [email protected]
> > To unsubscribe send an email to [email protected]
>
> _______________________________________________
> sssd-users mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
