Hi community! I integrate sssd with Windows Active Directoy using ldaps and certificates without entering the linux servers into domain... and I can login sucessully on my linux servers using correct groups and everythings going well.... but in the logs i'm still watching this kind of issues... what could be ? [simple_check_get_groups_primary] (0x0040): Could not look up primary group [948600513]: [2][No such file or directory] uid=948609251(emper0r) gid=948600513 groups=948600513,948602187(vcenterfulladmin),948610184(linuxadmin) this group numbers are from active directory...
the other thing is .. in that linux we have on /etc/resolv.conf the ip address of DNS where all records point ok but we receive this errors too. (2021-03-12 14:13:10): [be[mydomain.local]] [resolv_gethostbyname_done] (0x0040): querying hosts database failed [5]: Input/output error (2021-03-12 14:13:10): [be[mydomain.local]] [sdap_sudo_get_hostnames_done] (0x0040): Could not resolve fqdn for this machine, error [5]: Input/output error, resolver returned: [11]: Could not contact DNS servers (2021-03-12 14:13:10): [be[mydomain.local]] [sdap_sudo_get_hostinfo_done] (0x0020): Unable to retrieve hostnames [5]: Input/output error (2021-03-12 14:13:10): [be[mydomain.local]] [sdap_sudo_refresh_hostinfo_done] (0x0040): Unable to retrieve host information, host filter will be disabled [5]: Input/output error Apart of this I can login into linux server with my user from AD specified on linuxadmin group, so works good! OS: CentOS 8 Sssd versions sssd-dbus-2.3.0-9.el8.x86_64 sssd-krb5-common-2.3.0-9.el8.x86_64 sssd-ldap-2.3.0-9.el8.x86_64 sssd-client-2.3.0-9.el8.x86_64 sssd-nfs-idmap-2.3.0-9.el8.x86_64 sssd-krb5-2.3.0-9.el8.x86_64 sssd-proxy-2.3.0-9.el8.x86_64 sssd-ipa-2.3.0-9.el8.x86_64 sssd-ad-2.3.0-9.el8.x86_64 sssd-tools-2.3.0-9.el8.x86_64 sssd-common-2.3.0-9.el8.x86_64 python3-sssdconfig-2.3.0-9.el8.noarch sssd-kcm-2.3.0-9.el8.x86_64 sssd-common-pac-2.3.0-9.el8.x86_64 sssd-2.3.0-9.el8.x86_64 kernel: 4.18.0-240.1.1.el8_3.x86_64 [APK] Antonio Peña Díaz Sistemisti e Sistemi Informativi Interni Area Tecnica APKAPPA S.r.l. sede legale Via F. Albani, 21 20149 Milano | p.iva/vat no. IT-08543640158 sede amministrativa e operativa Reggio Emilia (RE) via M. K. Gandhi, 24/ A 42123 - sede operativa Magenta (MI) via Milano, 89/91 20013 tel. 02 94454 000 | fax 02 94454 339 www.apkappa.it Seguici su: [Facebook]<https://www.facebook.com/apkappasrl> [LinkedIn] <https://www.linkedin.com/company/apkappasrl> [Twitter] <https://www.utilitiespress.it/apkappa/> Questo messaggio elettronico ed i suoi allegati sono riservati e tutelati dal segreto professionale. Sono rivolti esclusivamente al/ai destinatario/i identificato/i. Pertanto ne è proibita la lettura, copiatura, divulgazione e utilizzazione da parte di chiunque altro non sia autorizzato. Se non siete il destinatario o avete ricevuto questo messaggio per errore, vi invitiamo a cancellare il messaggio ed eventuali allegati dandone immediatamente comunicazione scritta a mezzo posta elettronica al mittente. I dati dell’interessato sono trattati da APKAPPA S.r.l. nel pieno rispetto del Regolamento (UE) 679/2016 e del D.Lgs. 196/2003 s.m.i. Informazioni dettagliate, anche in ordine al diritto di accesso e agli altri diritti, sono disponibili sul sito www.apkappa.it nella sezione PRIVACY. This message and its attachments are confidential and protected by professional secrecy. They are addressed exclusively to the identified recipient (s). Therefore reading, copying, disclosure and use by anyone else who is not authorized is prohibited. If you are not the recipient or have received this message by mistake, we invite you to delete the message and any attachments by immediately sending written notice to the sender by e-mail. The data of the interested party are processed by APKAPPA Srl in full compliance with the Regulation (EU) 679/2016 and the Legislative Decree 196/2003 s.m.i. Detailed information, including on the right of access and other rights, is available on the website www.apkappa.it in the PRIVACY section
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
