Hi sssd users, Currently i have a working installation of SSSDwith ubuntu 18.10 using sssd, pam-sssd and kerberos authentification on AD directory of my university.
Now, before i'm trying to install the plugin automount/autofs for sssd, i'm
trying to mount manually a cifs, and the problem begin.
After opening a domain session, veryfying using KList that kerberos ticket is
ok, i'm running this command :
sudo mount -v -t cifs -o user=${USER},cruid=${USER},sec=krb5,uid=${UID}
//mydomain/myshare /home/mydomain/myshare
This command return a :
Mount error(126) : Required Key not available.
When i check on journalctl -xe, i see that cifs.upcall :
- get_existing_cc:default ccache FILE:/tmp/krb5cc_1735128554
- handle_krb5_mech:getting service ticket for mydomain
- cifs_krb5_get_req : unable to get credentials for mydomain ...
Veryfing with klist -kte i have 3 type of key :
- myhostname@mydomain
- host/myhostname@mydomain
- restrictedKrbHost@mydomain
But if i use this session, this is because the key exist ... so i'm starting to
strace cifs.upcall binary to see what happens in details :
- The /var/lib/sss/pubconf/kdcinfo.mydomain is correctly found and read by cifs
- The /var/lib/sss/pubconf/kpasswdinfo.mydomain return a no such file or
directory
Program end with unable to get credential for mydomain...
What is this problem with kpasswdinfo which do not exist ? Any idea ?
I'm using ubuntu 18.10 with sssd 1.16.3
Best regards,
SR
--
Sébastien Rey-Coyrehourcq
Research Engineer UMR IDEES
02.35.14.69.30
{Stronger security for your email, follow EFF tutorial : https://ssd.eff.org/}
signature.asc
Description: This is a digitally signed message part
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
