On Tue, Nov 13, 2012 at 03:40:14PM +0000, Longina Przybyszewska wrote: > > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Jakub Hrozek > Sent: 13. november 2012 14:58 > To: [email protected] > Subject: Re: [SSSD-users] problems sssd-1.9.2 > > On Tue, Nov 13, 2012 at 12:44:45PM +0000, Longina Przybyszewska wrote: > > Hi, > > I try sssd-1.9.2 on Ubuntu-Quantal with ad-provider. > > > > So far I can login to the desktop with AD identity; Login hangs a bit > > because of unknown group; > > > > What is the best practice to resolve the group (set up > > PrimaryGroupId, run idmap????) > > > > Sorry, I don't quite understand this problem...are you seeing a particular > group GID not being converted from SID? > > Or are you seeing failures due to the SSSD attempting to convert any of the > "local" groups such as "Domain Users" ? > > I see messages about groups - why so many at one aduser login? > .......... > Groups: cannot find name for group ID 332400513 > Groups: cannot find name for group ID 988022561 > Groups: cannot find name for group ID 988803222 > Groups: cannot find name for group ID ..... > ....and tens more... >
OK, I suspect you are hitting https://bugzilla.redhat.com/show_bug.cgi?id=867874 which was resolved recently as well. > > > The option 'default_shell = /bin/bash' in sssd.conf doesn't seem to > > have effect. > > I would expect it being visible In users info: > > > > Into which section in the SSSD did you put the default_shell option? In > 1.9.2 it was only supported in the [nss] section, we changed the option to > also take effect in the domain section during 1.9.3 development. > > OK - I put it into [domain] Right, in 1.9.2 it only works in the [nss] section. It's going to also work from the [domain] section in 1.9.3 > > > getent passwd imadatestuser > > imadatestuser:*:332410389:332400513:IMADAtest Testesen:/home/imadatestuser: > > > > > > In pam.d/common-session I added entry for case of nonexistent homedir > > reference, and shell - so ADuser can login. > > > > Do your users have any home directory at all? Could you maybe use the > fallback_homedir or override_homedir directives? > > Yes, I do use fallback_homedir in [domain] section and that works. > > Linux users have homedirs on NFSserver - auto.home maps are in NIS format. > You might also be interested in the automounter integration, although I'm not sure that piece of functionality had been backported to Ubuntu yet. The Ubuntu automounter maintainer would know best. > Your SSSD is really great piece of software - so elegant concept ! I love it. > We are really glad to hear this, thank you! _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
