Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Anolis OS 23
Services
System Security Services Daemon
System Security Services Daemon
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
System Security Services Daemon
The System Security Services Daemon (SSSD) is a system daemon that provides access to different identity and authentication providers such as Red Hat's IdM, Microsoft's AD, openLDAP, MIT Kerberos, etc. It uses a common framework that can provide caching and offline support to systems utilizing SSSD. SSSD using caching to reduce load on authentication servers permit offline authentication as well as store extended user data.
For more information, see
SSSD certificate_verification option
Value of the certificate_verification option in the SSSD config.
SSSD memcache_timeout option
Value of the memcache_timeout option in the [nss] section of SSSD config /etc/sssd/sssd.conf.
SSSD ssh_known_hosts_timeout option
Value of the ssh_known_hosts_timeout option in the [ssh] section of SSSD configuration file /etc/sssd/sssd.conf.
System Security Services Daemon (SSSD) - LDAP
The System Security Services Daemon (SSSD) is a system daemon that provides access to different identity and authentication providers such as Red Hat's IdM, Microsoft's AD, openLDAP, MIT Kerberos, etc. It uses a common framework that can provide caching and offline support to systems utilizing SSSD. SSSD using caching to reduce load on authentication servers permit offline authentication as well as store extended user data.
SSSD can support many backends including LDAP. The
sssd-ldap
backend allows SSSD to fetch identity information from an LDAP server.
SSSD LDAP Backend Client CA Certificate Location
Path of a directory that contains Certificate Authority certificates.