mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
Set "KDC:Disable Last Success" by default
In big deployments enabled recording of the last sucesfull login this creates a huge changelog on DS side and cause performance issues even if this is excluded from replication. Actually this is not used directly by FreeIPA so it is safe to remove in new installations. User who need this must manually remove "KDC:Disable Last Success" using `ipa config-mod` command or WebUI. https://pagure.io/freeipa/issue/5313 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
This commit is contained in:
parent
ab6d7ac50a
commit
eeaf428b1b
@ -410,6 +410,7 @@ ipaUserObjectClasses: ipasshuser
|
|||||||
ipaDefaultEmailDomain: $DOMAIN
|
ipaDefaultEmailDomain: $DOMAIN
|
||||||
ipaMigrationEnabled: FALSE
|
ipaMigrationEnabled: FALSE
|
||||||
ipaConfigString: AllowNThash
|
ipaConfigString: AllowNThash
|
||||||
|
ipaConfigString: KDC:Disable Last Success
|
||||||
ipaSELinuxUserMapOrder: guest_u:s0$$xguest_u:s0$$user_u:s0$$staff_u:s0-s0:c0.c1023$$unconfined_u:s0-s0:c0.c1023
|
ipaSELinuxUserMapOrder: guest_u:s0$$xguest_u:s0$$user_u:s0$$staff_u:s0-s0:c0.c1023$$unconfined_u:s0-s0:c0.c1023
|
||||||
ipaSELinuxUserMapDefault: unconfined_u:s0-s0:c0.c1023
|
ipaSELinuxUserMapDefault: unconfined_u:s0-s0:c0.c1023
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user