Hi Jakub,
I increased the log level in every SSSD section to 6 and got following output,
hope that helps.
KRB5_CHILD.LOG: https://s.mit42.de/IR6tu
SSSD_SUDO.LOG (two tries are logged in it): https://s.mit42.de/WF1Jl
SSSD_IPA-LX.COM: https://s.mit42.de/frBvx
Best regards,
Fabian
-Ursprüng
Hi,
I just submitted a sudo troubleshooting guide [1]. If you find anything
missing, please, let me know.
[1] https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to h
Ok, that was it:
sssd Version: 1.12.5-1~trusty1
I inverted the sudoOrders:
sudo -l
Matching Defaults entries for karl on :
env_reset, mail_badpass,
secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User karl may run the following commands on :
(ALL) NOP
On 10/09/2015 01:36 PM, Karl Forner wrote:
Ok, that was it:
sssd Version: 1.12.5-1~trusty1
I inverted the sudoOrders:
sudo -l
Matching Defaults entries for karl on :
env_reset, mail_badpass,
secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User karl may run
> Thanks. Please, keep in mind that we changed the default to the correct
> order in sssd 1.13.1. Therefore if you update sssd you will either have to
> invert the order again or set sudo_inverse_order = true in [sudo] in
> /etc/sssd/sssd.conf.
ok. I don't think there's an easy way to upgrade sssd
On Wed, Oct 07, 2015 at 01:23:06PM +0200, Guillem Liarte wrote:
> Sumit,
>
> Thanks for you reply.
>
> Ues, I have debug enabled: With level 5 I see that here is where it spends
> most of its time:
>
> (Wed Oct 7 13:14:17 2015) [sssd[be[#.com]]] [be_get_account_info]
> (0x0200): Got request for
On 10/09/2015 01:40 PM, Karl Forner wrote:
Thanks. Please, keep in mind that we changed the default to the correct
order in sssd 1.13.1. Therefore if you update sssd you will either have to
invert the order again or set sudo_inverse_order = true in [sudo] in
/etc/sssd/sssd.conf.
ok. I don't thi
Thanks Sumit.
The version of sssd is 1.12.2-58.el7_1.17
I do not have any AD trusts defined, I suppose I should not see those
messages.
Thanks again.
Guillem
On 9 October 2015 at 14:06, Sumit Bose wrote:
> On Wed, Oct 07, 2015 at 01:23:06PM +0200, Guillem Liarte wrote:
> > Sumit,
> >
> > Tha
