On Wed, Sep 26, 2012 at 11:08 PM, David Sastre Medina <
d.sastre.med...@gmail.com> wrote:

> On Wed, Sep 26, 2012 at 03:06:40PM -0400, Rob Crittenden wrote:
> > David Sastre wrote:
> > > [big snip]
> > Does sssd work on this machine otherwise? getent passwd <foo>, you
> > can log into the console as the user, or perhaps kinit to the user?

It looks like sssd is operating correctly
$ getent passwd dsastrem
dsastrem:*:1543400001:1543400001:David Sastre

I can also kinit w/o problems:
$ klist
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_500)

$ kinit dsastrem
Password for dsast...@some.domain.com:

$ klist
Ticket cache: FILE:/tmp/krb5cc_500
Default principal: dsast...@some.domain.com

I can log in using ssh, and the log shows:
debug1: Authentication succeeded (gssapi-with-mic).

Valid starting     Expires            Service principal
09/27/12 07:59:36  09/28/12 07:59:36  krbtgt/some.domain....@some.domain.com
        renew until 09/28/12 08:01:20

Yet, sudo fails to authenticate me:
dsastrem@obelix ~
$ sudo ip addr show
[sudo] password for dsastrem:
Sorry, try again.
[sudo] password for dsastrem:
Sorry, try again.
[sudo] password for dsastrem:
sudo: 2 incorrect password attempts
Freeipa-users mailing list

Reply via email to