#3254 Set udp_preference_limit=0 by sssd-ad using a krb5 snippet
Closed: Fixed 2 years ago Opened 2 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1399262

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

In general it make sense to use 'udp_preference_limit = 0' in AD environments
as we already do it with IPA. This might add a little bit of overhead to
the initial AS-REQ which only contains the client/user principal but no
pre-authentication data but will later safe the KRB5KRB_ERR_RESPONSE_TOO_BIG
error and the related additional round-trip.

So the proposal here is to drop a configuration snippet by sssd-ad that
would disable the UDP lookups by setting the udp_preference_limit to zero.


Fields changed

blockedby: =>
blocking: =>
changelog: =>
component: SSSD => AD Provider
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
patch: => 0
review: True => 0
selected: =>
testsupdated: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.15 Beta

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.15.3

2 years ago

Metadata Update from @pcech:
- Custom field component reset
- Custom field design_review reset
- Custom field mark reset
- Custom field patch reset
- Custom field review reset
- Custom field rhbz reset
- Custom field sensitive reset
- Custom field testsupdated reset
- Custom field type reset
- Issue close_status updated to: None
- Issue set to the milestone: None (was: SSSD 1.15.3)

2 years ago

Metadata Update from @pcech:
- Custom field design_review reset
- Custom field mark reset
- Custom field patch reset
- Custom field review reset
- Custom field sensitive reset
- Custom field testsupdated reset

2 years ago

Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue set to the milestone: SSSD 1.15.3

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue assigned to pcech

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch adjusted to on (was: false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue set to the milestone: SSSD 1.15.4 (was: SSSD 1.15.3)

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue tagged with: PR

2 years ago

Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue set to the milestone: SSSD 1.16.0 (was: SSSD 1.15.4)

2 years ago

Login to comment on this ticket.

Metadata