On Fri, Jul 03, 2015 at 07:52:12PM +0300, l...@avc.su wrote:
> OK, seems like I've found the cause.
> 
> /etc/sssd/sssd.conf
> default_domain_suffix = zone.local
> 
> If I comment this out, I can login using password or publickey with ipa user
> and using password with AD user, but I need to specify the domain component.
> Found this thread:
> https://www.redhat.com/archives/freeipa-users/2015-February/msg00371.html
> And this bug: https://fedorahosted.org/sssd/ticket/2569
> 
> Since it's fixed, it should appear in sssd 1.13 release?

yes, it is already in the alpha
https://fedorahosted.org/released/sssd/sssd-1.13.0alpha.tar.gz .

bye,
Sumit

> 
> l...@avc.su писал 2015-07-03 18:29:
> >Hello.
> >I've encountered an issue with ssh login to freeipa clients in trusted
> >environment.
> >getent/id commands working as expected, but password/publickey auth
> >for user from ipa or AD domain does not work (gssapi works, by the
> >way)
> >Seems like sss_ssh_authorizedkeys not working properly in this case.
> 
> -- 
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to