Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Mail Systems
Eclipse Documentation

How To Guides
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Problem Solutions
Privacy Policy




Red Hat Enterprise Linux 8 Essentials Book now available.

Purchase a copy of Red Hat Enterprise Linux 8 (RHEL 8) Essentials in eBook ($24.99) or Print ($36.99) format

Red Hat Enterprise Linux 8 Essentials Print and eBook (ePub/PDF/Kindle) editions contain 31 chapters and over 250 pages

Buy Print Preview Book

7.2. Known Issues

  • Enabling user authentication against an LDAP server using authconfig --enableldapauth does not correctly set up the /etc/nslcd.conf configuration file. Consequently, LDAP users will be denied access to the system. To work around this issue, remove the line containing pam_password md5 from the /etc/nslcd.conf file.
  • The System Security Services Daemon (SSSD) currently supports following LDAP referrals on anonymous-bind LDAP connections only.
  • The authentication configuration utility does not keep the 'Require smart card for login' check box set when Kerberos is also enabled. When the check box is checked and the configuration is saved with the 'Apply' button, the system will correctly require smart card for login. However, on the subsequent run of the authentication configuration utility the check box will be unchecked again and it is necessary to check it again to keep the option switched on.
  • When attempting to perform PKINIT pre-authentication, if the client has more than one possible candidate certificate the client may fail to select the certificate and key to use. This usually occurs if certificate selection is configured to use the value of the keyUsage extension, or if any of the candidate certificates does not contain a subjectAltName extension. Consequently, the client attempts to perform pre-authentication using a different (usually password-based) mechanism.
  • After installing certmonger, the system message bus daemon needs to be signaled to reload its configuration to allow the certmonger service to start properly. To work around this issue, send the dbus-daemon process a SIGHUP signal, or, alternatively, reboot the system.

  Published under the terms of the Creative Commons License Design by Interspire