On Tue, Jan 23, 2018 at 07:44:04PM -0500, goehle@gmail.com wrote:
Hi,
The troubleshooting guide in the docs said to email the list if the System Error (4) shows up, so I figured I bring this issue up. I'm running sssd version 1.16.0 on Debian testing and recently encountered a new behavior. We set up sssd with active directory based authentication on an already established system. For various reasons there are still local passwd users, some of whom also have ad accounts. What used to happen is that the pam/nsswitch stack was set up so that those users would end up with their passwd id. If they had an ad account they could log in with either their shadow password or their ad password. Right after we upgraded from 1.16.0-1 to 1.16.0-2 any local user generated a System Error (4) in the logs and and local users with ad accounts could no longer use their ad passwords (although they could still use their local passwords). There isn't a lot of information in the logs.
Can you also paste your full configuration and the sssd domain log(s) ?
Does sssd on Debian use the implicit files provider (ps would show a sssd_be process running with --name implicit_files)