On Mon, May 23, 2016 at 4:26 PM, Rob Crittenden wrote:
> https://lists.fedorahosted.org/archives/list/sssd-de...@lists.fedorahosted.org/thread/TUZ6ZWLRZ6QSMUHV44PRT75T6OVBGILK/
This was exactly our issue. We were able to build a patched version,
and our forest AD user could log in successfully.
On Wed, May 25, 2016 at 09:43:55AM -0500, Erik Mackdanz wrote:
> On Mon, May 23, 2016 at 4:26 PM, Rob Crittenden wrote:
> > https://lists.fedorahosted.org/archives/list/sssd-de...@lists.fedorahosted.org/thread/TUZ6ZWLRZ6QSMUHV44PRT75T6OVBGILK/
>
> This was exactly our issue. We were able to buil
Erik Mackdanz wrote:
For the bug you mentioned ([1], downstream [2]), there is a patch but
it's not publicly accessible. Are you able post the patch to this
list? It may help us determine if we are directly affected.
https://lists.fedorahosted.org/archives/list/sssd-de...@lists.fedorahosted.o
For the bug you mentioned ([1], downstream [2]), there is a patch but
it's not publicly accessible. Are you able post the patch to this
list? It may help us determine if we are directly affected.
Thanks,
Erik
[1] https://fedorahosted.org/sssd/ticket/3015
[2] https://bugzilla.redhat.com/show_bug
> On 20 May 2016, at 19:31, Erik Mackdanz wrote:
>
> Thanks Jakub,
>
> Yes, the "marking subdomain ... inactive" portion is below.
>
> There are failures in resolving the Global Catalog via SRV, but what
> I've read says that should be okay because we fall back to the
> SID<->UID mapping. Wit
Thanks Jakub,
Yes, the "marking subdomain ... inactive" portion is below.
There are failures in resolving the Global Catalog via SRV, but what
I've read says that should be okay because we fall back to the
SID<->UID mapping. With dig, I can reproduce sssd's finding that
those SRV records don't e
On Thu, May 19, 2016 at 05:18:43PM -0500, Erik Mackdanz wrote:
> Hello,
>
> I've set up a one-way trust to an Active Directory domain. Things
> seem to roughly work, but something's missing.
>
> Can any kind soul spot a problem with my configuration, or advise on
> how to further troubleshoot?
>
Hello,
I've set up a one-way trust to an Active Directory domain. Things
seem to roughly work, but something's missing.
Can any kind soul spot a problem with my configuration, or advise on
how to further troubleshoot?
Facts:
- An AD user gets 'Access denied' when SSH'ing by password to the
F