Hi, Sorry i have a hard time explaining exactly what the problem is in technical terms since I'm not sure what they are called.
Essentially, when I power on a machine there is the initial login screen that you are prompted with in ubuntu. If a user has never logged onto a particular machine it doesn't allow them. However, if i have already ssh'd to that machine (via another machine) with the user account, then if i try and do the initial login then it works. Once the user logs in once, i can always login afterwards. Does that make sense? Thomas ________________________________________ From: Jakub Hrozek <[email protected]> Sent: Wednesday, December 14, 2016 4:47 PM To: [email protected] Subject: [SSSD-users] Re: logging into machine with AD credentials for the first time On Wed, Dec 14, 2016 at 08:55:15PM +0000, Thomas Beaudry wrote: > Hi Everyone, > > > i have been able to get sssd to work so i can login with my AD credentials to > a workstation and through ssh, however I am running into a problem. > Whenever a new user tries to login to a ubuntu workstation for the first time > it doesn't allow them. I am guessing the login screen doesn't contact the > windows AD to check credentials (so maybe sssd hasn't been started yet). I > currently have sssd managing the following services: pam, ssh, autofs, and > nss. The workaround that I have found is to ssh to that machine from > another machine with the AD credentials that I would like to use, and then > when I reset the machine i am able to use those credentials at the login > screen. Is there a better way? Do I get it correctly that you can't login through a graphical login manager but you can login with the same user with ssh and then you can login with the gui manager as well? I'm not sure I can answer without seeing some logs but the things I would look for would be: - is pam_sss contacted at all when you log in with the gui login manager? - what kind of error does pam_sss return if you log in with the gui manager? - what is in sssd logs in that case? _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
