On Tue, Nov 06, 2012 at 02:16:26PM +0000, Longina Przybyszewska wrote: > Hi again, > Thanks a lot for guiding me so far :) > > I have got sssd-1.9.2 package from Timo, Ubuntu sssd package maintainer for > Ubuntu Quantal. > > SSSD is configured against AD as auth/id - provider > > sssd.conf > > [sssd] > debug_level = 0x1310 > config_file_version = 2 > services = nss, pam > domains = nat.c.sdu.dk > > [nss] > filter_groups = root > filter_users = root > > [pam] > > [domain/nat.c.sdu.dk] > > debug_level = 0x1310 > > enumerate = False > min_id = 1000 > max_id = 20000 > > auth_provider = ad > id_provider = ad > access_provider = ad > chpass_provider = ad > > ad_server = nat.c.sdu.dk > ad_hostname = testina4$.nat.c.sdu.dk > ad_domain = nat.c.sdu.dk > > > From log: > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] > [be_resolve_server_process] (0x1000): Saving the first resolved server > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] > [be_resolve_server_process] (0x0200): Found address for server nat.c.sdu.dk: > [10.144.5.18] TTL 455 > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] [sasl_bind_send] > (0x0100): Executing sasl bind mech: gssapi, user: testina4$ > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] [fo_set_port_status] > (0x0100): Marking port 0 of server 'nat.c.sdu.dk' as 'not working > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] [fo_resolve_service_send] > (0x0100): Trying to resolve service 'AD' > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] [get_server_status] > (0x1000): Status of server 'nat.c.sdu.dk' is 'name resolved' > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] [get_port_status] > (0x1000): Port status of port 0 for server 'nat.c.sdu.dk' is 'not working' > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] [be_resolve_server_done] > (0x1000): Server resolution failed: 5 > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] [acctinfo_callback] > (0x0100): Request processed. Returned 1,11,Offline > (Tue Nov 6 13:42:35 2012) [sssd[be[nat.c.sdu.dk]]] [remove_krb5_info_files] > (0x0200): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.NAT.C.SDU.DK], > [2][No such file or directory >
There is not all the information in the log, raising the debug_level might provide more info, but I think the problem is in the kinit. Can you kinit as the principal specified in the ad_hostname and then ldapsearch the directory? Are you sure about the principal in ad_hostname? I think it is typically HOST$@DOMAIN, your principal doesn't contain the at-sign. _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
