On Fri, Nov 18, 2011 at 01:55:13PM +0200, Aziz Sasmaz wrote:
Hi,
sssd can't get shadow info from ldap. When I type getent passwd it shows
pass section as * not as "x"
As passwd (5) ; If the encrypted password is set to an asterisk, the user
will be unable to login using login.
Can sssd get shadow information from ldap.
No, shadow maps are not supported and likely won't ever be. See
https://bugzilla.redhat.com/show_bug.cgi?id=751291#c4 for an
explanation, for example.
Is it possible to cache
authentication when we use ldap/shadow ?
When SSSD can reach the LDAP server, it always performs authentication
online, not from the cache.
Password caching for offline use is supported by specifying
"cache_credentials = True" in sssd.conf -- I see that your config file
uses that option, so offline logins should just work.