Stephen / Sumit, Thanks for your responses...
> This sounds like pam_krb5 is still called somewhere in your pam stack > and doing authentication instead of sssd. It does seem that way, but grep'ing through /etc/pam.d/* reveals no instances of krb. I rebooted the box just to make sure nothing was hanging around from before. > Could you send the (sanitized) sssd_default.log of the login? Attached. I'll also attach my sssd.conf, sshd_config, and /etc/pam.d/system-auth (which is identical to password-auth). In my sshd_config, I've still got GSSAPIAuthentication enabled. Is this somehow bypassing sssd? I tried disabling it and leaving UsePAM enabled, and couldn't login with my kerb ticket. Norman > > HTH > > bye, > Sumit > > >> >> What would cause sssd to not recognize the cache name? selinux is in >> permissive mode, I tried blowing away my sssd config (deleted all the >> ldb databases) and reconfiguring everything from scratch with >> authconfig. I'm not convinced something is leftover from a previous >> bad config, but am not sure where else to look. >> >> Thanks for all the help, >> >> Norman >> _______________________________________________ >> sssd-devel mailing list >> [email protected] >> https://fedorahosted.org/mailman/listinfo/sssd-devel > _______________________________________________ > sssd-devel mailing list > [email protected] > https://fedorahosted.org/mailman/listinfo/sssd-devel >
sssd.conf
Description: Binary data
sssd.log
Description: Binary data
system-auth
Description: Binary data
sshd_config
Description: Binary data
_______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
