Hello,
I'm trying to login on a machine from domain2 (machine is joined in domain2) using a user from domain1, but it keeps failing. Also, using pbis I can login without problems.
Users from domain2 can login successfully. Also, I can login on machines registered in domain1 using the same user.
Most probably it fails because of this error:
Extended failure message: [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)]
Maybe someone can take a look at the attached logs and give me a hint on what is wrong?
sssd says domain1 is a subdomain for domain2:
(Wed Oct 15 08:42:35 2014) [sssd[pam]] [new_subdomain] (0x0400): Creating [ domain1.net] as subdomain of [domain2.net]! (Wed Oct 15 08:42:35 2014) [sssd[pam]] [new_subdomain] (0x0400): Creating [ ie-aws.domain2.net] as subdomain of [domain2.net]!
Configuration: authconfig --enablesssd --enablesssdauth --enablemkhomedir --update --disableldaptls --enableldap --enablelocauthorize --update
sssd version: 1.12.1-2.el7.centos
sssd.conf: [sssd] services = nss, pam config_file_version = 2 domains = optymyze.net override_space = ^
[domain/optymyze.net] id_provider = ad auth_provider = ad access_provider = ad chpass_provider = ad dyndns_update = false create_homedir = true override_homedir = /home/%d/%u override_shell = /bin/bash timeout = 3600 [pam] timeout = 3600 [nss] timeout = 3600