ansible-lockdown / UBUNTU22-CIS

Ansible role for Ubuntu22 CIS Baseline
https://ansible-lockdown.readthedocs.io/en/latest/
MIT License
201 stars 81 forks source link

After run this rule and now login take longer time #203

Closed TCP-88 closed 8 months ago

TCP-88 commented 10 months ago

Question after apply this rule and when i login to the server from ssh or console and it take long time to log me in. this is after key in password and it take long time to return to shell. (but root login from console no issue)

Environment (please complete the following information):

uk-bolly commented 10 months ago

hi @TCP-88

Thank you for raising the issue, but trying to understand which control you are having issues with. If i read this correctly it as first appears to be possibly DNS, pam related as these can slow down authentication. But without know the control number you are referring to im afraid i am unable to be of much help.

Many thanks

uk-bolly

TCP-88 commented 9 months ago

Hi Bolly,

Thanks for reply. after i troubleshoot and i notice that when i try to login domain users and i have this issue. local account no issue. i just run the ansible with the roll without exclude anything.

TCP-88 commented 9 months ago

Hi Team,

i have resolved the problem by added this in /etc/sssd/sssd.conf

ldap_opt_timeout = 20 ldap_network_timeout = 20 dns_resolver_timeout = 20 ad_enabled_domains = example.com ad_server = example

uk-bolly commented 8 months ago

hi @TCP-88

Great news you've managed to find this fix for your configuration.

Best regards

uk-bolly