On Mon, Jun 25, 2018 at 05:12:25PM +0200, John Hearns wrote: > After 30 days of running sssd I found that my test workstation no longer > connected to the domain. > The machine account password had timed out. > I now run a daily cron job using msktutil wihch will auto-update the > password. > > However I should not have to do this. sssd should update the machine > password. > > I can see entries in the logs such that the machine account password > renewal task is enabled. > Then: > > [be_ptask_execute] (0x0400): Task [AD machine account password renewal]: > executing task, timeout 60 seconds > > How though can I see if this taks is successful or not? > I realise that if the machine account is less than 30 days old the task > probably silently completes OK without any logging.
Do you have adcli installed? If you set 'debug_level=7' or higher in the [domain/...] section of sssd.conf you should be able to find the debug output of adcli in the logs, it will start with '--- adcli output start---'. HTH bye, Sumit > > The version of sssd is 16.1 running on Ubuntu > > > John Hearns > _______________________________________________ > sssd-users mailing list -- sssd-users@lists.fedorahosted.org > To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/sssd-users@lists.fedorahosted.org/message/2F77SPP4CXHS4YMKCMHIA5EJHI424VNV/ _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/sssd-users@lists.fedorahosted.org/message/EHQHLPX24S45CM4ELUUDG7NHQHWQK7TE/