On (28/01/18 10:19), Amichai Rotman wrote: >Hello all, > >I am having a very annoying problem with SSSD and AD: > >I have a lab with 5 Ubuntu 16.04 LTS Desktops clients that I configured to >authenticate with the University's Active Directory. > > >SSSD is configured with Samba and Kerberos 5. > >All was working well when we used Ubuntu 14.04. > >The Problem: > >If one of the students never logged in before, or was away for more than a >week - LightDM claims the password is incorrect - even if we know for sure it >is correct. > I would recommend to check log files based on out troubleshooting page https://docs.pagure.org/SSSD.sssd/users/troubleshooting.html#troubleshooting-authentication-password-change-and-access-control
>We have two Active Directory domains, sometimes the same user succeeds in >logging in, other times - not... > >I am guessing it has to do with the credential cache (GPO Cache?) > > 1. Is there a way to check which domains SSSD authenticates against, not > read it from the local configuration? Not easily with version which is in Ubuntu 16.04 LTS. You might check ldap connection between sssd and LDAP server with following command: lsof -i TCP | grep sssd_be LS _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
