I repeated the steps in a bionic lxd container. I had to install packagekit, which you already have on a desktop, but in the end it's working, and I have no /etc/krb5.conf file at all:
ubuntu@bionic-sssd-desktop-team:~$ id [email protected] uid=1725801106([email protected]) gid=1725800513(domain [email protected]) groups=1725800513(domain [email protected]),1725801118([email protected]) I noticed I'm using fully qualified names, but you have "use_fully_qualified_names = False" in your sssd config. The other difference is that realmd (or adcli) added "ldap_sasl_authid = BIONIC-SSSD-DES$" to my sssd.conf Finally, you also have "ad_server = adc01.warthogs.biz" which I didn't need. I wonder if in my case the client is fetching some configuration from the DNS server? Did you also install DNS on your AD, and integrate it together? Your log shows "Configuration file does not specify default realm", which is definitely something that would live in /etc/krb5.conf, but it's also set in sssd.conf via "krb5_realm". Actually, let me take a look at your full debug log, as I was looking just at what you added to the bug description. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1893438 Title: Cannot resolve users without an existing /etc/krb5.conf To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1893438/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
