Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-07 Thread Jakub Hrozek
On Tue, Jan 07, 2014 at 12:00:56AM +0200, Genadi Postrilko wrote: sssd_example.com.log after changing the debug level: https://gist.github.com/anonymous/8290381#file-sssd_example-com-log This info from the log: (Mon Jan 6 13:23:11 2014) [sssd[be[example.com]]] [ipa_s2n_exop_done] (0x0400):

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-06 Thread Jakub Hrozek
On Fri, Jan 03, 2014 at 07:29:54PM +0200, Genadi Postrilko wrote: Here are the other logs as well (ldap_child.log, sssd_pac.log, sssd_ssh.log). https://gist.github.com/anonymous/8242061 I attempted to log in (as administra...@addc.com) at 9:04. Thanks for the help. You need the

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-06 Thread Genadi Postrilko
sssd_example.com.log after changing the debug level: https://gist.github.com/anonymous/8290381#file-sssd_example-com-log [genadi@ipaserver root]$ wbinfo -u (no output) [genadi@ipaserver root]$ wbinfo -g admins editors default smb group ad_users ad_admins [genadi@ipaserver root]$ wbinfo

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-05 Thread Genadi Postrilko
What is content of the log when SSSD is doing auth? When i log in with IPA domain client, the output of the log is (anything non standard?): Jan 5 12:08:37 ipaserver sshd[24434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.227.1 user=

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-04 Thread Genadi Postrilko
Output from /var/log/secure: Jan 4 15:03:02 ipaserver sshd[5958]: Invalid user Administrator@ADDC.COMfrom 192.168.227.1 Jan 4 15:03:02 ipaserver sshd[5959]: input_userauth_request: invalid user administra...@addc.com Jan 4 15:03:06 ipaserver sshd[5958]: pam_unix(sshd:auth): check pass; user

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-03 Thread Jakub Hrozek
On Fri, Jan 03, 2014 at 12:33:16AM +0200, Genadi Postrilko wrote: Here are the *sssd.log, **sssd_nss.log. *Other logs where empty of did not contain the output for the relevant log in. https://gist.github.com/anonymous/8228284 According to gist, you only provided the debug logs from the

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-03 Thread Genadi Postrilko
Here are the other logs as well (ldap_child.log, sssd_pac.log, sssd_ssh.log). https://gist.github.com/anonymous/8242061 I attempted to log in (as administra...@addc.com) at 9:04. Thanks for the help. ___ Freeipa-users mailing list

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-02 Thread Rob Crittenden
Genadi Postrilko wrote: Hi all. I have a running IPA Server (3.0.0-37) on RHEL 6.2. I'm trying to create Trust between IPA server and AD (In different DNS domains). I followed the red hat guide

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-02 Thread Genadi Postrilko
Its a newly installed IPA Server, haven't added any Rules. The relevant output from /var/log/secure : Jan 2 13:36:24 ipaserver sshd[4864]: Invalid user from 192.168.227.100 Jan 2 13:36:24 ipaserver sshd[4865]: input_userauth_request: invalid user Jan 2 13:36:26 ipaserver sshd[4865]:

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-02 Thread Dmitri Pal
On 01/02/2014 04:45 PM, Genadi Postrilko wrote: Its a newly installed IPA Server, haven't added any Rules. The relevant output from /var/log/secure : Jan 2 13:36:24 ipaserver sshd[4864]: Invalid user from 192.168.227.100 Jan 2 13:36:24 ipaserver sshd[4865]: input_userauth_request: invalid

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-02 Thread Andrew Holway
If you add debug_level = 5 into every section of /etc/sssd/sssd.conf Restart sssd Try and log in again cat /var/log/sssd/* And paste that somewhere. On 2 January 2014 21:45, Genadi Postrilko genadip...@gmail.com wrote: Its a newly installed IPA Server, haven't added any Rules. The

Re: [Freeipa-users] Cannot loging via SSH with AD user TO IPA Domain.

2014-01-02 Thread Genadi Postrilko
Here are the *sssd.log, **sssd_nss.log. *Other logs where empty of did not contain the output for the relevant log in. https://gist.github.com/anonymous/8228284 2014/1/2 Dmitri Pal d...@redhat.com On 01/02/2014 04:45 PM, Genadi Postrilko wrote: Its a newly installed IPA Server, haven't