#3254 Set udp_preference_limit=0 by sssd-ad using a krb5 snippet
Closed: Fixed 3 years ago Opened 4 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1399262

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

In general it make sense to use 'udp_preference_limit = 0' in AD environments
as we already do it with IPA. This might add a little bit of overhead to
the initial AS-REQ which only contains the client/user principal but no
pre-authentication data but will later safe the KRB5KRB_ERR_RESPONSE_TOO_BIG
error and the related additional round-trip.

So the proposal here is to drop a configuration snippet by sssd-ad that
would disable the UDP lookups by setting the udp_preference_limit to zero.


Fields changed

blockedby: =>
blocking: =>
changelog: =>
component: SSSD => AD Provider
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
patch: => 0
review: True => 0
selected: =>
testsupdated: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.15 Beta

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.15.3

4 years ago

Metadata Update from @pcech:
- Custom field component reset
- Custom field design_review reset
- Custom field mark reset
- Custom field patch reset
- Custom field review reset
- Custom field rhbz reset
- Custom field sensitive reset
- Custom field testsupdated reset
- Custom field type reset
- Issue close_status updated to: None
- Issue set to the milestone: None (was: SSSD 1.15.3)

4 years ago

Metadata Update from @pcech:
- Custom field design_review reset
- Custom field mark reset
- Custom field patch reset
- Custom field review reset
- Custom field sensitive reset
- Custom field testsupdated reset

4 years ago

Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue set to the milestone: SSSD 1.15.3

4 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue assigned to pcech

4 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch adjusted to on (was: false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)

4 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue set to the milestone: SSSD 1.15.4 (was: SSSD 1.15.3)

4 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue tagged with: PR

4 years ago

Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

3 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue set to the milestone: SSSD 1.16.0 (was: SSSD 1.15.4)

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4287

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata