[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "user with UID not found" error
From: |
Christopher Batten |
Subject: |
Re: "user with UID not found" error |
Date: |
Tue, 2 Aug 2022 18:24:04 +0000 |
>>>> Or do you recommend a different way to run NSCD and SSSD at the same time
>>>> on RHEL/CentOS systems?
>>>
>>> You only need to start it. We don't use it as a cache. We are only
>>> interested in its network interface for use with glibc.
> […]
>> We turned off all NSCD caching:
>>
>> % grep enable-cache /etc/nscd.conf
>> # enable-cache <service> <yes|no>
>> enable-cache passwd no
>> enable-cache group no
>> enable-cache hosts no
>> enable-cache services no
>> enable-cache netgroup no
>
> Sorry, it appears that I was wrong about the role of caching. Our
> cluster nodes (running CentOS) have this nscd config:
>
> --8<---------------cut here---------------start------------->8---
> enable-cache passwd yes
> enable-cache group yes
> enable-cache hosts no
> enable-cache netgroup no
> --8<---------------cut here---------------end--------------->8---
>
> So while we don’t rely on caching per se, nscd needs to be configured to
> cache passwd and group so that it actually fetches this type of
> information from the system directories (e.g. LDAP).
>
> Sorry for the confusion!
OK! But this RHEL doc:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system-level_authentication_guide/usingnscd-sssd
Seems to suggest turning on NSCD caching for passwd and group while also
running SSSD can cause subtle issues? It says:
"To avoid this problem, enable caching only for hosts in the the /etc/nscd.conf
file and rely on the SSSD cache for the passwd, group, services, and netgroup
entries."
So my sysadmin and I are worried about turning on caching in NSCD and SSSD at
the same time? Are you running both and have you seen any issues?
Best,
Chris