#1520 [RFE] Allow explicitly removing user from the SSSD cache
Closed: Invalid None Opened 11 years ago by dpal.

There is a way to expire users in the cache but not to remove them. This means that if the system is offline the user can still log in indefinitely. This is a corner case but still can happen and might be a security issue.

The problem was discussed on the sssd list and a solution was proposed to allow removing users from the cache.

https://lists.fedorahosted.org/pipermail/sssd-users/2012-September/000178.html

Maybe just having a special new switch that would allow removing a user from the SSSD cache. It should also remove the user from the fast cache.


I would prefer if the SSSD never completely deleted the cached entry (unless an online lookup returned that it had been deleted). However, it would probably be beneficial to offer a flag to specify "delete cached credentials".

This way, the user's ID and group information would remain available while offline in case it was needed, but the user will not be able to log in.

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.10.0
rhbz: => todo

Fields changed

cc: => myllynen@redhat.com

Fields changed

milestone: SSSD 1.10.0 => SSSD 1.10 beta

Fields changed

selected: => Not need

Moving tickets that are not a priority for SSSD 1.10 into the next release.

milestone: SSSD 1.10 beta => SSSD 1.11 beta

Fields changed

mark: => 1

Fields changed

cc: myllynen@redhat.com => myllynen@redhat.com, dstoykov@uni-ruse.bg
changelog: =>
design: =>
design_review: => 0
fedora_test_page: =>
review: => 0

We already provide a way to remove cached credentials. This ticket is invalid.

milestone: SSSD 1.13 beta => SSSD 1.13 backlog
priority: minor => trivial

Mass-moving tickets not planned for any immediate release and re-setting priority.

milestone: SSSD 1.13 backlog => SSSD Deferred
priority: trivial => major

The cleanup task can do this for years, we should close this ticket.

review: 0 => 1
sensitive: => 0

Fields changed

resolution: => worksforme
status: new => closed

Metadata Update from @dpal:
- Issue set to the milestone: SSSD Patches welcome

7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2562

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.
