Skip to content


Choose a tag to compare
@pbrezina pbrezina released this 16 Apr 09:01
· 2068 commits to master since this release

SSSD 2.2.3


New features

  • allow_missing_name now treats empty strings the same as missing names.
  • 'soft_ocsp' and 'soft_crl options have been added to make the checks for revoked certificates more flexible if the system is offline.
  • Smart card authentication in polkit is now allowed by default.
  • ssh_use_certificate_matching_rules now allows no_rules and all_rules values (see man page for description).

Notable bug fixes

  • Fixed several memory management errors that caused SSSD to crash under some circumstances.
  • Handling of FreeIPA users and groups containing '@' sign now works.
  • Issue when autofs was unable to mount shares was fixed.
  • SSSD was unable to hande ldap_uri containing URIs with different port numbers. This was fixed.

Packaging Changes

  • Added sssd-ldap-attributes man page.

Documentation Changes

  • Added new sssd-ldap-attributes man page.
  • Added option monitor_resolv_conf.
  • Added option ssh_use_certificate_matching_rules
  • Improved AD GPO options man page.
  • Improved sssd-systemtap man page.

See full release notes here.