Hi, On Tue, Feb 4, 2025 at 9:07 PM Spike White via sssd-users < sssd-users@lists.fedorahosted.org> wrote:
> All, > > In the comments in /etc/nsswitch.conf file, it says: > > # Notes: > # > # 'sssd' performs its own 'files'-based caching, so it should generally > # come before 'files'. > # > > > and then later: > > # In order of likelihood of use to accelerate lookup. > passwd: sss files systemd > shadow: files > group: sss files systemd > > > However, we have consulted with Redhat Tech Support years ago when we > first started implementing sssd and they advised us to put in local > providers first, then remote. > > So we typically do this: > > passwd: files systemd sss > ... > group: files systemd sss > > > Which is correct? > tl,dr: in general I agree with the recommendation to keep 'files' before 'sss'. Longer/precise answer depends on the OS/version being used. On more recent versions 'authselect' should do the right thing "out of the box".
-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
