Hi, On Thu, Jul 7, 2022 at 12:14 PM Fisher, Philip <[email protected]> wrote:
> Hi SSSD experts > > I have tried examining various documentation and man pages but I am unable > to determine the answer. Specifically, for security reasons, we require > user on our Linux servers to login via AD credentials only (unless they are > a specific local user). In particular, if the provider is offline/not > available (in this case an AD server/servers) then login should fail. > Sounds like `cache_credentials = false`? (see `man sssd.conf`) > > I thought it would be possible by setting various "cache" parameters but > the documentation suggests that zero (0) is not a useful value. > > So, can this be done? And if so, how? And if I missed some simple thing > in the documentation a reply pointing me to said documentation would be > acceptable :-). > > Thanks. > Phil > > -- > Phil J Fisher > UNIX Technology Consultant > > > > DXC Technology Company -- This message is transmitted to you by or on > behalf of DXC Technology Company or one of its affiliates. It is intended > exclusively for the addressee. The substance of this message, along with > any attachments, may contain proprietary, confidential or privileged > information or information that is otherwise legally exempt from > disclosure. Any unauthorized review, use, disclosure or distribution is > prohibited. If you are not the intended recipient of this message, you are > not authorized to read, print, retain, copy or disseminate any part of this > message. If you have received this message in error, please destroy and > delete all copies and notify the sender by return e-mail. Regardless of > content, this e-mail shall not operate to bind DXC Technology Company or > any of its affiliates to any order or other contract unless pursuant to > explicit written agreement or government initiative expressly permitting > the use of e-mail for such purpose. > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure >
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
