#3591 cachedPassword is removed with files provider
Closed: cloned-to-github 8 months ago by pbrezina. Opened 3 years ago by lslebodn.

sssd.conf:

[sssd]
services = nss, pam
domains = files.example
[domain/files.example]
id_provider = files

auth_provider = krb5
krb5_server = kerberos.example.com:88
krb5_realm = EXAMPLE.COM
krb5_store_password_if_offline = True

cache_credentials = True
debug_level = 10
  • authenticate as user and check that password is cached
    e.g. ssh lslebodn@localhost
[user@host][~]$ssh lslebodn@localhost
lslebodn@localhost's password: 
Last login: Thu Nov 30 11:15:14 2017 from ::1
[lslebodn@host ~]$ klist 
Ticket cache: KCM:1001:87222
Default principal: lslebodn@EXAMPLE.COM

Valid starting       Expires              Service principal
11/30/2017 11:20:15  11/30/2017 21:20:15  krbtgt/EXAMPLE.COM@EXAMPLE.COM
[root@host ~]# ldbsearch -H /var/lib/sss/db/cache_files.example.ldb '(cachedPassword=*)' dn cachedPassword 
asq: Unable to register control with rootdse!
# record 1
dn: name=lslebodn@files.example,cn=users,cn=files.example,cn=sysdb
cachedPassword: $6$xJdcd9mb35vxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

# returned 1 records
# 1 entries
# 0 referrals
  • let sssd refresh data in files domain and again check cachedPassword
[root@host ~]# touch /etc/passwd
[root@host ~]# ldbsearch -H /var/lib/sss/db/cache_files.redhat.ldb '(cachedPassword=*)' dn cachedPassword 
asq: Unable to register control with rootdse!
# returned 0 records
# 0 entries
# 0 referrals

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.0
- Issue tagged with: bug

3 years ago

Metadata Update from @jhrozek:
- Issue priority set to: major

3 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.2 (was: SSSD 2.0)

3 years ago

Since we are near the 1.16.2 release and this ticket has no PR yet, it will slip into 1.16.3.

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.3 (was: SSSD 1.16.2)

2 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.4 (was: SSSD 1.16.3)

2 years ago

This still can be backported to 1.16, but I'm moving all tickets into the 2.x milestones in general

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.2 (was: SSSD 1.16.4)

2 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.3 (was: SSSD 2.2)

2 years ago

Metadata Update from @mzidek:
- Issue assigned to ppolawsk

a year ago

Metadata Update from @thalman:
- Issue tagged with: Next milestone

10 months ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4614

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @pbrezina:
- Issue close_status updated to: cloned-to-github
- Issue status updated to: Closed (was: Open)

8 months ago

Login to comment on this ticket.

Metadata