[Freeipa-users] Re: Get rid of manually calling kinit with SSSD

Wed, 31 May 2017 05:37:56 -0700 

On 2017-05-31 13:25, Sumit Bose via FreeIPA-users wrote:

On Wed, May 31, 2017 at 11:24:48AM +0200, Ronald Wimmer via FreeIPA-users wrote:

Hi,

I read Jakub Hrozeks post 
https://jhrozek.wordpress.com/2015/07/17/get-rid-of-calling-manually-calling-kinit-with-sssds-help/
and found that it is exactly what I need. The only problem is that I am
using Ubuntu and not Fedora or CentOS.

In sssd_pamlog i only see a SSS_PAM_OPEN_SESSION but no SSS_PAM_AUTHENTICATE


This would mean that pam_unix authenticated the user. Does the user
exists in /etc/passwd and /etc/shadow as well?


Of course. My local user exists in both files.

sssd_pam.log shows 4 times SSS_PAM_OPEN_SESSION
1) User: lightdm
2) User: ligh...@my.domain.at
3) User: mylocaluser
4) User: mylocalu...@my.domain.at
Number 4 ist the most promising but mylocaluser should be myadu...@my.domain.at. Here's the log:
(Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_OPEN_SESSION (Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: my.domain.at (Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): user: mylocalu...@my.domain.at (Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): service: lightdm 
(Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: :0
(Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set (Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set (Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0 (Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0 
(Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 2538 (Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: mylocaluser (Tue Apr 25 13:17:01 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55e6c039fa20 (Tue Apr 25 13:17:01 2017) [sssd[pam]] [pam_dom_forwarder] (0x0100): pam_dp_send_req returned 0 (Tue Apr 25 13:17:01 2017) [sssd[pam]] [sss_dp_req_destructor] (0x0400): Deleting request: [0x55e6be26eea0:3:mylocalu...@my.domain.at@my.domain.at] 
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to