Bug 848547 - [TECH PREVIEW] Support DIR: credential caches for multiple TGT support
Summary: [TECH PREVIEW] Support DIR: credential caches for multiple TGT support
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd
Version: 6.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
Aneta Šteflová Petrová
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-08-15 20:58 UTC by Dmitri Pal
Modified: 2020-05-02 16:24 UTC (History)
2 users (show)

Fixed In Version: sssd-1.9.1-1.el6
Doc Type: Release Note
Doc Text:
Package(s) providing the Technology Preview: SSSD, krb5 --- New SSSD Cache Storage Type Kerberos version 1.10 added a new cache storage type, DIR:, which allows Kerberos to maintain Ticket Granting Tickets (TGTs) for multiple Key Distribution Centers (KDCs) simultaneously and auto-select between them when negotiating with Kerberized resources. In Red Hat Enterprise Linux 6.4, SSSD has been enhanced to allow you to select the DIR: cache for users that are logging in via SSSD. This feature is introduced as a Technology Preview.
Clone Of:
Environment:
Last Closed: 2013-02-21 09:35:31 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github SSSD sssd issues 2016 0 None None None 2020-05-02 16:24:06 UTC
Red Hat Product Errata RHSA-2013:0508 0 normal SHIPPED_LIVE Low: sssd security, bug fix and enhancement update 2013-02-20 21:30:10 UTC

Description Dmitri Pal 2012-08-15 20:58:57 UTC
This bug is open against 6.4 for the tech note purposes as this is a tech preview feature.

This bug is created as a clone of upstream ticket:
https://fedorahosted.org/sssd/ticket/974

MIT dev team is working on the new type of the credential cache to support the case when one user has multiple tickets for different Kerberos realms. This is a feature of Kerberos 1.10. We need to take advantage of this functionality as soon as it becomes available.

http://k5wiki.kerberos.org/wiki/Projects/Client_principal_selection

Comment 4 Jenny Severance 2013-01-31 16:37:25 UTC
Technical preview feature marking verified

Comment 5 errata-xmlrpc 2013-02-21 09:35:31 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html


Note You need to log in before you can comment on or make changes to this bug.