On (29/07/19 15:23), Sherman Lilly wrote: >I went through doc earlier. I can change the access_provider to permit and >it works but when set to "ad" I get a system error. I can run "id" and >"getent" and everything works fine. In the sssd_pam.log I get this >"[sssd[pam]] [sss_dp_get_reply] (0x0010): The Data Provider returned an >error [org.freedesktop.sssd.Error.DataProvider.Offline]" when I try to >"su". I have turn debug all the way up and sssd.log is showing all >successes. The domain sssd log has quite a few errors. Most are probably >not relevant. The one it looks to have died on is > >[netlogon_get_domain_info] (0x0080): No netlogon site name data available. >[ad_master_domain_netlogon_done] (0x0400): Found flat name [domain]. >[ad_master_domain_netlogon_done] (0x0400): Found site [(null)]. >[ad_master_domain_netlogon_done] (0x0400): Found forest [domain.org]. >[ad_gpo_site_name_retrieval_done] (0x0040): Cannot retrieve master domain >info >[ad_gpo_process_som_done] (0x0040): Unable to get som list: [2](No such >file or directory) >[sdap_id_op_destroy] (0x4000): releasing operation connection >[ad_gpo_access_done] (0x0040): GPO-based access control failed. > >I remember something in the log but couldn't find again, it said something >about the home folder not able to be created but it was created when I ran >with "permitted" >
It looks like you hit a bug which was fixed in upstream 1.16.2 https://pagure.io/SSSD/sssd/issue/3680 LS _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
