- Update to version 2.5.2; (jsc#SLE-17763);
  * originalADgidNumber attribute in the SSSD cache is now indexed.
  * Add new config option fallback_to_nss.
- Changes from version 2.5.1
  * auto_private_groups option can be set centrally through ID
    range setting in IPA (see ipa idrange commands family). This
    feature requires SSSD update on both client and server. This
    feature also requires freeipa 4.9.4 and newer.
  * Fix getsidbyname issues with IPA users with a user-private-group.
  * Default value of ldap_sudo_random_offset changed to 0
    (disabled). This makes sure that sudo rules are available as
    soon as possible after SSSD start in default configuration.
- Changes from version 2.5.0
  * Added support for automatic renewal of renewable TGTs that
    are stored in KCM ccache. This can be enabled by setting
    tgt_renewal = true. See the sssd-kcm man page for more
    details. This feature requires MIT Kerberos
    krb5-1.19-0.beta2.3 or higher.
  * Backround sudo periodic tasks (smart and full refresh) periods are
    now extended by a random offset to spread the load on the server in
    environments with many clients.
  * Completing a sudo full refresh now postpones the smart refresh by
    ldap_sudo_smart_refresh_interval value. This ensure that the smart
    refresh is not run too soon after a successful full refresh.
  * If debug_backtrace_enabled is set to true then on any error all prior
    debug messages (to some limit) are printed even if debug_level is set
    to low value.
  * Besides trusted domains known by the forest root, trusted domains known
    by the local domain are used as well.
  * New configuration option offline_timeout_random_offset to control random

• Files Changed
• Browse Source