Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-11 Thread Sumit Bose
On Mon, Apr 10, 2017 at 11:49:05AM +0200, Ronald Wimmer wrote: > On 2017-04-07 10:28, Sumit Bose wrote: > > [...] > > I'm not aware of any limitation here. Have you tried to run 'ipa > > trust-fetch-domains ad.forest.root' to update the list? > > > > If this does not help please add 'log level =

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-10 Thread Ronald Wimmer
On 2017-04-07 10:28, Sumit Bose wrote: [...] I'm not aware of any limitation here. Have you tried to run 'ipa trust-fetch-domains ad.forest.root' to update the list? If this does not help please add 'log level = 100' to /usr/share/ipa/smb.conf.empty so that it looks like: [global]

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-07 Thread Sumit Bose
On Fri, Apr 07, 2017 at 09:46:45AM +0200, Ronald Wimmer wrote: > On 2017-04-06 20:50, Sumit Bose wrote: > > On Thu, Apr 06, 2017 at 01:55:02PM +0200, Ronald Wimmer wrote: > > > On 2017-04-06 12:16, Sumit Bose wrote: > > > > On Thu, Apr 06, 2017 at 12:58:32PM +0200, Ronald Wimmer wrote: > > > >

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-07 Thread Ronald Wimmer
On 2017-04-06 20:50, Sumit Bose wrote: On Thu, Apr 06, 2017 at 01:55:02PM +0200, Ronald Wimmer wrote: On 2017-04-06 12:16, Sumit Bose wrote: On Thu, Apr 06, 2017 at 12:58:32PM +0200, Ronald Wimmer wrote: [...] AD trust: mydomain.at (forest root) xyz (subdomain -> where myuser resides) BCC

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-06 Thread Ronald Wimmer
Quoting Sumit Bose: On Thu, Apr 06, 2017 at 01:55:02PM +0200, Ronald Wimmer wrote: On 2017-04-06 12:16, Sumit Bose wrote: > On Thu, Apr 06, 2017 at 12:58:32PM +0200, Ronald Wimmer wrote: > [...] > > AD trust: > > mydomain.at (forest root) > > xyz (subdomain -> where myuser

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-06 Thread Sumit Bose
On Thu, Apr 06, 2017 at 01:55:02PM +0200, Ronald Wimmer wrote: > On 2017-04-06 12:16, Sumit Bose wrote: > > On Thu, Apr 06, 2017 at 12:58:32PM +0200, Ronald Wimmer wrote: > > [...] > > > AD trust: > > > mydomain.at (forest root) > > > xyz (subdomain -> where myuser resides) > > > > > > BCC

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-06 Thread Ronald Wimmer
On 2017-04-06 12:16, Sumit Bose wrote: On Thu, Apr 06, 2017 at 12:58:32PM +0200, Ronald Wimmer wrote: [...] AD trust: mydomain.at (forest root) xyz (subdomain -> where myuser resides) BCC (appearing in krb5_child.log) is not a domain here. It is my company's name and might derive from some

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-06 Thread Sumit Bose
On Thu, Apr 06, 2017 at 12:58:32PM +0200, Ronald Wimmer wrote: > On 2017-04-06 11:21, Sumit Bose wrote: > > On Thu, Apr 06, 2017 at 12:10:29PM +0200, Ronald Wimmer wrote: > > > Hi, > > > > > > when I try to login to an IPA client with my AD user it works perfectly > > > when > > > I already have

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-06 Thread Ronald Wimmer
On 2017-04-06 12:58, Ronald Wimmer wrote: [...] BCC (appearing in krb5_child.log) is not a domain here. It is my company's name and might derive from some information in the AD. After doing an LDAP search on the domain controller of my AD domain (xyz.mydomain.at) I found out that my

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-06 Thread Ronald Wimmer
On 2017-04-06 11:21, Sumit Bose wrote: On Thu, Apr 06, 2017 at 12:10:29PM +0200, Ronald Wimmer wrote: Hi, when I try to login to an IPA client with my AD user it works perfectly when I already have a kerberos ticket for my user. When I do not and I try a password-based login it fails: Please

Re: [Freeipa-users] Password-based authentication with AD users does not work

2017-04-06 Thread Sumit Bose
On Thu, Apr 06, 2017 at 12:10:29PM +0200, Ronald Wimmer wrote: > Hi, > > when I try to login to an IPA client with my AD user it works perfectly when > I already have a kerberos ticket for my user. When I do not and I try a > password-based login it fails: Please send the sssd_domain.log and

[Freeipa-users] Password-based authentication with AD users does not work

2017-04-06 Thread Ronald Wimmer
Hi, when I try to login to an IPA client with my AD user it works perfectly when I already have a kerberos ticket for my user. When I do not and I try a password-based login it fails: Password-based: (Thu Apr 6 10:39:12 2017) [sssd[pam]] [pam_check_user_search] (0x0400): Returning info for