-
Bug
-
Resolution: Unresolved
-
Minor
-
rhel-8.4.0
-
None
-
Low
-
rhel-idm-sssd
-
ssg_idm
-
0
-
False
-
False
-
-
None
-
None
-
None
-
None
-
If docs needed, set a value
-
-
All
-
None
-
57,005
Description of problem:
SSSD can not properly fail over during authentication and access control to other
DCs even if there are multiple listed in the kdcinfo file.
Workaround: 'krb5_kdcinfo_lookahead = 1:0' suggested by Sumit.
sssd uses the off-line server to check gpo and whole authentication
fails.
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1.
2.
3.
Actual results:
Expected results:
Additional info:
Related ticket(s):
https://pagure.io/SSSD/sssd/issue/3973