On Wed, Mar 29, 2017 at 04:16:47PM +0000, Joakim Tjernlund wrote:
On Wed, 2017-03-29 at 16:10 +0200, Sumit Bose wrote:
> On Wed, Mar 29, 2017 at 01:48:07PM +0000, Joakim Tjernlund wrote:
> > I have tried to set KRB5CCNAME to something predicable, both in
> > sssd.conf(krb5_ccname_template = FILE:/tmp/krb5cc_:%U)
> > and
> > krb5.conf(default_ccache_name = FILE:/tmp/krb5cc_%{uid})
> >
> > but what ever I do KRB5CCNAME reads:
> > KRB5CCNAME=FILE:/tmp/krb5cc_<UID>_ryxWRPDHZD
> >
> > Is the name hardcoded nowadays(in sssd 1.15.2)?
>
> no, using krb5_ccname_template should just work.
>
> Please note that SSSD tries to reuse an existing and active ccache. This
> means that as long as a process of the user is running SSSD will use
> the existing ccache and will also set KRB5CCNAME to the existing one for
> new logins.
Right, but stopping sssd, rm /var/lib/sss/db/* and rebooting does not help.
This should be more than sufficient.
Do I need to use any of sssd'd plugins in krb.conf? Currently I
don't use any plugin
No, no plugins needed here, feel free to forward debug_level=10 logs to
me which contain an authentication.
bye,
Sumit
>
> Jocke
> _______________________________________________
> sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
> To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org