SSSD settings take precedence over some settings in /etc/krb5.conf. The daemon does not keep track of krb5.conf and doesn't automatically reload when the file is changed. This can lead to surprising results. For example it is necessary to restart sssd.service when krb5.conf is altered to use MS-KKDCP instead of plain Kerberos as transport protocol.
Suggestion: The installer should add a comment at the top of the file and tell users to restart sssd if they change the file manually.
This ticket is out of scope of 4.4.0 release. Moving to 4.4.1. Note that 4.4.1 needs to be triaged, therefore not everything will be implemented.
moving out tickets not implemented in 4.4.1
4.4.2 is a stabilization milestone. If this bug is important stabilization bug then please put it to NEEDS TRIAGE milestone for retriage.
Metadata Update from @cheimes: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.5 backlog
Nobody else has complained about the issue in two years. IPA is also moving away from /etc/krb5.conf in favor of config snippets in /etc/krb5.conf.d/
/etc/krb5.conf
/etc/krb5.conf.d/
Metadata Update from @cheimes: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.