Hi. I'm trying to configure a mixed environment with both Windows and Linux machines. Linux is joined to FreeIPA and Windows to AD; the users are on AD, and FreeIPA is in a bidirectional trust with AD. The users can log in via shell with no problem but cannot log in with GDM to access GNOME. I've set a user override in FreeIPA to define the home directory and the shell, as AD (samba-tool) does not define them because, for compatibility reasons with other parts of the infrastructure, it is provisioned without Unix attributes (RFC2307 schema).

This is the log from GDM:

Sep 23 09:53:07 a418-pc50.ipa.domain.local systemd[1]: Starting gdm.service - GNOME Display Manager...
░░ Subject: A start job for unit gdm.service has begun execution
░░ Defined-By: systemd
░░ Support: https://wiki.almalinux.org/Help-and-Support
░░
░░ A start job for unit gdm.service has begun execution.
░░
░░ The job identifier is 402.
Sep 23 09:53:07 a418-pc50.ipa.domain.local systemd[1]: Started gdm.service - GNOME Display Manager.
░░ Subject: A start job for unit gdm.service has finished successfully
░░ Defined-By: systemd
░░ Support: https://wiki.almalinux.org/Help-and-Support
░░
░░ A start job for unit gdm.service has finished successfully.
░░
░░ The job identifier is 402.
Sep 23 09:53:24 a418-pc50.ipa.domain.local gdm-password][5207]: pam_sss(gdm-password:auth): authentication success; logname= uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=test.user
Sep 23 09:53:24 a418-pc50.ipa.domain.local gdm-password][5207]: gkr-pam: unable to locate daemon control file
Sep 23 09:53:24 a418-pc50.ipa.domain.local gdm-password][5207]: gkr-pam: stashed password to try later in open session
Sep 23 09:53:24 a418-pc50.ipa.domain.local gdm-password][5207]: Gdm: could not save session and language settings
Sep 23 09:53:24 a418-pc50.ipa.domain.local gdm-password][5207]: pam_systemd(gdm-password:session): Failed to get user record: No such process
Sep 23 09:53:24 a418-pc50.ipa.domain.local gdm-password][5207]: pam_unix(gdm-password:session): session opened for user test.user(uid=1369417388) by test.user@ad.domain.local(uid=0)
Sep 23 09:53:24 a418-pc50.ipa.domain.local gdm-password][5207]: gkr-pam: unable to locate daemon control file
Sep 23 09:53:24 a418-pc50.ipa.domain.local gdm-password][5207]: gkr-pam: gnome-keyring-daemon started properly and unlocked keyring
Sep 23 09:53:27 a418-pc50.ipa.domain.local /usr/libexec/gdm-wayland-session[5370]: dbus-daemon[5370]: [session uid=1369417388 pid=5370] Activating service name='org.freedesktop.systemd1' requested by ':1.0' (uid=1369417388 pid=5367 comm="/usr/libexec/gdm-wayland-session /usr/bin/gnome-se" label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023")
Sep 23 09:53:27 a418-pc50.ipa.domain.local /usr/libexec/gdm-wayland-session[5370]: dbus-daemon[5370]: [session uid=1369417388 pid=5370] Activated service 'org.freedesktop.systemd1' failed: Process org.freedesktop.systemd1 exited with status 1
Sep 23 09:53:27 a418-pc50.ipa.domain.local /usr/libexec/gdm-wayland-session[5367]: Unable to register display with display manager
Sep 23 09:53:27 a418-pc50.ipa.domain.local gdm-password][5207]: pam_unix(gdm-password:session): session closed for user test.user
Sep 23 09:53:27 a418-pc50.ipa.domain.local gdm[1322]: Gdm: GdmDisplay: Session never registered, failing

I'm not sure what the problem could be.