Hi I have two servers "L" & "R" which are connected to the AD. On server L I can login with SSO and I don't have to type password. On server R I can't login with SSO and I have to type the AD password. The user is only defined in the AD not locally.
I have tried "realm leave" + "realm join" and "sss_cache -E". Removed /etc/sssd/* /etc/krb5.keytab /var/lib/sss/db/* to make sure no config was leftover. The /etc/sssd/sssd.conf is equal on both servers. Both servers are running RHEL 7.6. /etc/sssd/sssd.conf : [sssd] domains = acme.com config_file_version = 2 services = nss, pam [domain/acme.com] ad_domain = acme.com krb5_realm = ACME.COM realmd_tags = manages-system joined-with-samba cache_credentials = True id_provider = ad krb5_store_password_if_offline = True default_shell = /bin/bash ldap_id_mapping = True use_fully_qualified_names = False fallback_homedir = /home/%u access_provider = ad debug_level = 7 Any hint much appreciated. best regards Hans
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
