Here is my sssd.conf file

[sssd]
config_file_version = 2
services = nss, sudo, pam, ssh
domains = ipadomain.com
default_domain_suffix = adadomain.com
full_name_format = %1$s

[nss]
homedir_substring = /home

[domain/ipadomain.com]
krb5_use_enterprise_principal = True

debug_level = 9
krb5_store_password_if_offline = True
id_provider = ipa
auth_provider = ipa
access_provider = ipa
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = ipadomain.com
ipa_hostname = ef01.ipadomain.com
ipa_server = ipa01.ipadomain.com
chpass_provider = ipa
ldap_tls_cacert = /etc/ipa/ca.crt
dns_discovery_domain = ipadomain.com

entry_cache_timeout = 60
[pam]

[sudo]

[autofs]

[ssh]

[pac]

[ifp]

On Fri, Aug 18, 2017 at 7:28 PM, Supratik Goswami <supratiksek...@gmail.com>
wrote:

>
>
> On Fri, Aug 18, 2017 at 7:20 PM, Jakub Hrozek via FreeIPA-users <
> freeipa-users@lists.fedorahosted.org> wrote:
>
>> On Fri, Aug 18, 2017 at 07:13:13PM +0530, Supratik Goswami via
>> FreeIPA-users wrote:
>> > When executed in the server I get the below logs
>> >
>> > (Fri Aug 18 08:18:26 2017) [sssd[nss]] [orderly_shutdown] (0x0010):
>> > SIGTERM: killing children
>> > (Fri Aug 18 08:20:04 2017) [sssd[nss]] [orderly_shutdown] (0x0010):
>> > SIGTERM: killing children
>> > (Fri Aug 18 08:20:11 2017) [sssd[nss]] [orderly_shutdown] (0x0010):
>> > SIGTERM: killing children
>> > (Fri Aug 18 08:23:32 2017) [sssd[nss]] [orderly_shutdown] (0x0010):
>> > SIGTERM: killing children
>> >
>> > In the client side the log file is empty
>>
>> Well, we don't log anything by default, you need to increase the debug
>> level. See https://docs.pagure.org/SSSD.sssd/users/troubleshooting.html
>>
>>
> I have set the debug level to 9 but still does not log anything.
>
> debug_level = 9
>
>
>> >
>> > I also looked at the option full_name_format to see if I can use the
>> > username and ignore the domain altogether for displaying.
>> > As per the documentation "full_name_format parameter sets how the user
>> name
>> > and domain name (once determined) are displayed".
>> > But when I set it to *full_name_format = %1$s*  I am not able to login
>>
>> This won't work on the server at least, but should work on the clients.
>> But I would suggest to not change the defaults much and only deviate
>> from the defaults once the baseline works.
>>
>
> I am trying at the client side but after I update this parameter login
> breaks completely.
>
>
>
>> _______________________________________________
>> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
>> To unsubscribe send an email to freeipa-users-le...@lists.fedo
>> rahosted.org
>>
>
>
>
> --
> Warm Regards
>
> Supratik
>



-- 
Warm Regards

Supratik
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to