[SSSD-users] Re: username is mapped to username\@MYDOMAIN.COM\@mydomain....@mydomain.com in kerberos

2017-03-09 Thread Maciej Piechotka
Ok. Removing and recreating /var/lib/sssd worked. Thank you very much > On Thu, Mar 09, 2017 at 12:14:08AM -0000, Maciej Piechotka wrote: > > It looks like due to the misconfiguration(?) SSSD stored a wrong > representation of the canonical Kerberos principal in its cache. I thin

[SSSD-users] username is mapped to username\@MYDOMAIN.COM\@mydomain....@mydomain.com in kerberos

2017-03-08 Thread Maciej Piechotka
On one computer (Arch) I have misconfigured sssd and when I try to use PAM sssd tries to get ticket for username\@MYDOMAIN.COM\@mydomain@mydomain.com. On others (Gentoo) it works find. (Tue Mar 7 16:10:03 2017) [[sssd[ldap_child[5845 [ldap_child_get_tgt_sync] (0x0100): Principal name

[SSSD-users] Re: Adding service to sssd + AD

2016-07-21 Thread Maciej Piechotka
Ondrej Valousek s3group.com> writes: > > Try "net ads keytab add afs" - but it's probably not going to work without admin privileges in AD. > O. > Thanks. I've run: % sudo net -U ads keytab add afs Processing principals to add... % sudo net -U ads keytab list | grep afs || echo "None found"

[SSSD-users] Adding service to sssd + AD

2016-07-21 Thread Maciej Piechotka
I have following configuaration: [sssd] config_file_version = 2 domains = domain.com services = nss, pam [nss] [pam] [domain/domain.com] cache_credentials = true id_provider = ad auth_provider = ad access_provider = simple default_shell = /bin/zsh fallback_homedir = /home/%d/%u