I’m trying to resolve a "FAILED with error NT_STATUS_LOGON_FAILURE” error when trying to login to a Samba share on a CentOS test VM. I emailed the samba mailing list and it was recommended that I contact this list instead...
Partial output of /var/log/samba/log.10.84.2.148 (the Mac client): [2019/03/01 15:53:46.544858, 3] ../auth/ntlmssp/ntlmssp_server.c:552(ntlmssp_server_preauth) Got user=[btp4] domain=[YALE] workstation=[PAQUIN3200] len1=24 len2=224 [2019/03/01 15:53:46.544907, 3] ../source3/param/loadparm.c:3868(lp_load_ex) lp_load_ex: refreshing parameters [2019/03/01 15:53:46.544956, 3] ../source3/param/loadparm.c:547(init_globals) Initialising global parameters [2019/03/01 15:53:46.545088, 3] ../source3/param/loadparm.c:2782(lp_do_section) Processing section "[global]" doing parameter workgroup = YALE doing parameter realm = YU.YALE.EDUhttp://YU.YALE.EDU doing parameter security = ads doing parameter idmap config * : range = 1677216-33554431 doing parameter idmap config YALE:schema_mode = rfc2307 doing parameter idmap config YALE:range = 100000-199999 doing parameter idmap config YALE:backend = rid doing parameter idmap * : backend = tbd doing parameter dedicated keytab file = /etc/krb5.keytab doing parameter log file = /var/log/samba/log.%m doing parameter log level = 4 doing parameter guest account = nobody doing parameter guest ok = no doing parameter template shell = /sbin/nologin doing parameter kerberos method = system keytab doing parameter store dos attributes = yes doing parameter vfs objects = acl_xattr [2019/03/01 15:53:46.545450, 2] ../source3/param/loadparm.c:2799(lp_do_section) Processing section "[testshare]" doing parameter comment = testshare doing parameter path = /testshare doing parameter valid users = @pathology_its doing parameter writable = yes doing parameter read only = No [2019/03/01 15:53:46.545573, 4] ../source3/param/loadparm.c:3910(lp_load_ex) pm_process() returned Yes [2019/03/01 15:53:46.545604, 3] ../source3/param/loadparm.c:1617(lp_add_ipc) adding IPC service [2019/03/01 15:53:46.545669, 3] ../source3/auth/auth.c:189(auth_check_ntlm_password) check_ntlm_password: Checking password for unmapped user [YALE][btp4]@[PAQUIN3200] with the new password interface [2019/03/01 15:53:46.545691, 3] ../source3/auth/auth.c:192(auth_check_ntlm_password) check_ntlm_password: mapped user is: [YALE][btp4]@[PAQUIN3200] [2019/03/01 15:53:46.545715, 4] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2019/03/01 15:53:46.545735, 4] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2019/03/01 15:53:46.545753, 4] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2019/03/01 15:53:46.545807, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2019/03/01 15:53:46.545828, 2] ../source3/auth/auth.c:332(auth_check_ntlm_password) check_ntlm_password: Authentication for user [btp4] -> [btp4] FAILED with error NT_STATUS_LOGON_FAILURE, authoritative=1 [2019/03/01 15:53:46.545864, 2] ../auth/auth_log.c:760(log_authentication_event_human_readable) Auth: [SMB2,(null)] user [YALE][btp4] at [Fri, 01 Mar 2019 15:53:46.545851 EST] with [NTLMv2] status [NT_STATUS_LOGON_FAILURE] workstation [PAQUIN3200] remote host [ipv4:10.84.2.148:58286] mapped to [YALE][btp4]. local host [ipv4:10.84.2.79:445] [2019/03/01 15:53:46.545899, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2019/03/01 15:53:46.545937, 3] ../auth/gensec/spnego.c:1414(gensec_spnego_server_negTokenTarg_step) gensec_spnego_server_negTokenTarg_step: SPNEGO(ntlmssp) login failed: NT_STATUS_LOGON_FAILURE [2019/03/01 15:53:46.545965, 4] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2019/03/01 15:53:46.545985, 4] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2019/03/01 15:53:46.546002, 4] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2019/03/01 15:53:46.546039, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2019/03/01 15:53:46.546067, 3] ../source3/smbd/smb2_server.c:3171(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:137
My workflow for setting up SSSD and Samba: 1) yum install -y sssd realmd adcli samba-common samba-common-tools krb5-workstation openldap-clients ntpdate ntp nss-pam-ldapd policycoreutils-python samba-client samba nano 2) realm join ... #shortened command; binding to specific OU; works as expected 3) authconfig --enablesssdauth --enablesssd --enablemkhomedir --update 4) nano /etc/samba/smb.conf 5) testparm 6) mkdir /testshare 7) id btp4@yu.yale.edumailto:btp4@yu.yale.edu #works as expected 8) chown -R root:pathology_its@yu.yale.edumailto:pathology_its@yu.yale.edu /testshare/ 9) chcon -Rt samba_share_t /testshare/ 10) kinit btp4 11) net ads join -k 12) kinit -k CENTOSSSSD$ #name of test server 13) /usr/bin/ldapsearch -H ... #shortened command; works as expected 14) systemctl enable smb 15) systemctl enable nmb 16) systemctl start smb 17) systemctl start nmb 18) firewall-cmd --add-service=samba --permanent 19) firewall-cmd --reload
I can provide contents of krb5.conf or sssd.conf if needed.
Sorry for the lengthy email.
Thank you,
Brian
On Mon, Mar 04, 2019 at 06:25:40PM +0000, Paquin, Brian wrote:
I’m trying to resolve a "FAILED with error NT_STATUS_LOGON_FAILURE” error when trying to login to a Samba share on a CentOS test VM. I emailed the samba mailing list and it was recommended that I contact this list instead...
Partial output of /var/log/samba/log.10.84.2.148 (the Mac client): [2019/03/01 15:53:46.544858, 3] ../auth/ntlmssp/ntlmssp_server.c:552(ntlmssp_server_preauth) Got user=[btp4] domain=[YALE] workstation=[PAQUIN3200] len1=24 len2=224 [2019/03/01 15:53:46.544907, 3] ../source3/param/loadparm.c:3868(lp_load_ex) lp_load_ex: refreshing parameters [2019/03/01 15:53:46.544956, 3] ../source3/param/loadparm.c:547(init_globals) Initialising global parameters [2019/03/01 15:53:46.545088, 3] ../source3/param/loadparm.c:2782(lp_do_section) Processing section "[global]" doing parameter workgroup = YALE doing parameter realm = YU.YALE.EDUhttp://YU.YALE.EDU doing parameter security = ads doing parameter idmap config * : range = 1677216-33554431 doing parameter idmap config YALE:schema_mode = rfc2307 doing parameter idmap config YALE:range = 100000-199999 doing parameter idmap config YALE:backend = rid doing parameter idmap * : backend = tbd doing parameter dedicated keytab file = /etc/krb5.keytab doing parameter log file = /var/log/samba/log.%m doing parameter log level = 4 doing parameter guest account = nobody doing parameter guest ok = no doing parameter template shell = /sbin/nologin doing parameter kerberos method = system keytab doing parameter store dos attributes = yes doing parameter vfs objects = acl_xattr [2019/03/01 15:53:46.545450, 2] ../source3/param/loadparm.c:2799(lp_do_section) Processing section "[testshare]" doing parameter comment = testshare doing parameter path = /testshare doing parameter valid users = @pathology_its doing parameter writable = yes doing parameter read only = No [2019/03/01 15:53:46.545573, 4] ../source3/param/loadparm.c:3910(lp_load_ex) pm_process() returned Yes [2019/03/01 15:53:46.545604, 3] ../source3/param/loadparm.c:1617(lp_add_ipc) adding IPC service [2019/03/01 15:53:46.545669, 3] ../source3/auth/auth.c:189(auth_check_ntlm_password) check_ntlm_password: Checking password for unmapped user [YALE][btp4]@[PAQUIN3200] with the new password interface [2019/03/01 15:53:46.545691, 3] ../source3/auth/auth.c:192(auth_check_ntlm_password) check_ntlm_password: mapped user is: [YALE][btp4]@[PAQUIN3200] [2019/03/01 15:53:46.545715, 4] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2019/03/01 15:53:46.545735, 4] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2019/03/01 15:53:46.545753, 4] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2019/03/01 15:53:46.545807, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2019/03/01 15:53:46.545828, 2] ../source3/auth/auth.c:332(auth_check_ntlm_password) check_ntlm_password: Authentication for user [btp4] -> [btp4] FAILED with error NT_STATUS_LOGON_FAILURE, authoritative=1 [2019/03/01 15:53:46.545864, 2] ../auth/auth_log.c:760(log_authentication_event_human_readable) Auth: [SMB2,(null)] user [YALE][btp4] at [Fri, 01 Mar 2019 15:53:46.545851 EST] with [NTLMv2] status [NT_STATUS_LOGON_FAILURE] workstation [PAQUIN3200] remote host [ipv4:10.84.2.148:58286] mapped to [YALE][btp4]. local host [ipv4:10.84.2.79:445] [2019/03/01 15:53:46.545899, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2019/03/01 15:53:46.545937, 3] ../auth/gensec/spnego.c:1414(gensec_spnego_server_negTokenTarg_step) gensec_spnego_server_negTokenTarg_step: SPNEGO(ntlmssp) login failed: NT_STATUS_LOGON_FAILURE [2019/03/01 15:53:46.545965, 4] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2019/03/01 15:53:46.545985, 4] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2019/03/01 15:53:46.546002, 4] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2019/03/01 15:53:46.546039, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2019/03/01 15:53:46.546067, 3] ../source3/smbd/smb2_server.c:3171(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:137
My workflow for setting up SSSD and Samba:
- yum install -y sssd realmd adcli samba-common samba-common-tools krb5-workstation openldap-clients ntpdate ntp nss-pam-ldapd policycoreutils-python samba-client samba nano
- realm join ... #shortened command; binding to specific OU; works as expected
- authconfig --enablesssdauth --enablesssd --enablemkhomedir --update
- nano /etc/samba/smb.conf
- testparm
- mkdir /testshare
- id btp4@yu.yale.edumailto:btp4@yu.yale.edu #works as expected
- chown -R root:pathology_its@yu.yale.edumailto:pathology_its@yu.yale.edu /testshare/
- chcon -Rt samba_share_t /testshare/
- kinit btp4
- net ads join -k
- kinit -k CENTOSSSSD$ #name of test server
- /usr/bin/ldapsearch -H ... #shortened command; works as expected
- systemctl enable smb
- systemctl enable nmb
- systemctl start smb
- systemctl start nmb
Which version of Samba are you using. Recent versions of smdb require that winbindd is installed and running as well because some legacy code was removed from smbd and all communication with the AD DCs is not handled by winbindd. Please note that this is only about starting winbindd as well, there is no need to configured the system to use winbindd for authentication or user lookup.
To make sure that winbindd and SSSD have the same idea about IP-mapping idmap options similar to:
idmap config <AD-DOMAIN-SHORTNAME> : backend = sss idmap config <AD-DOMAIN-SHORTNAME> : range = 200000-2147483647
idmap config * : backend = tdb idmap config * : range = 100000-199999
should be added to smb.conf and the sssd-winbind-idmap package should be installed. With this winbindd will ask SSSD for all ID-mappings for the AD-DOMAIN-SHORTNAME domain object and use idmap_tdb for BUITLINs and other objects. If, by chance, you have the sssd-libwbclient package installed you have to remove it, but since it is not listed above I assume it is not installed.
HTH
bye, Sumit
- firewall-cmd --add-service=samba --permanent
- firewall-cmd --reload
I can provide contents of krb5.conf or sssd.conf if needed.
Sorry for the lengthy email.
Thank you,
Brian
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o...
Sumit,
Thank you! Thank you for taking the time to not only provide the answer, but for explaining why.
I am now able to mount my Samba share using my AD credentials.
One last question if I may...
In /var/log/samba/log.10.84.2.148 (my test client's IP), I see "WARNING: Failed to create BUILTIN\Administrators group! Can Winbind allocate gids?" Is that error expected, or is there something else I need to do?
Again, thank you for all your assistance!
Brian
________________________________ From: Sumit Bose sbose@redhat.com Sent: Tuesday, March 5, 2019 2:41:16 AM To: sssd-users@lists.fedorahosted.org Subject: [SSSD-users] Re: FAILED with error NT_STATUS_LOGON_FAILURE
On Mon, Mar 04, 2019 at 06:25:40PM +0000, Paquin, Brian wrote:
I’m trying to resolve a "FAILED with error NT_STATUS_LOGON_FAILURE” error when trying to login to a Samba share on a CentOS test VM. I emailed the samba mailing list and it was recommended that I contact this list instead...
Partial output of /var/log/samba/log.10.84.2.148 (the Mac client): [2019/03/01 15:53:46.544858, 3] ../auth/ntlmssp/ntlmssp_server.c:552(ntlmssp_server_preauth) Got user=[btp4] domain=[YALE] workstation=[PAQUIN3200] len1=24 len2=224 [2019/03/01 15:53:46.544907, 3] ../source3/param/loadparm.c:3868(lp_load_ex) lp_load_ex: refreshing parameters [2019/03/01 15:53:46.544956, 3] ../source3/param/loadparm.c:547(init_globals) Initialising global parameters [2019/03/01 15:53:46.545088, 3] ../source3/param/loadparm.c:2782(lp_do_section) Processing section "[global]" doing parameter workgroup = YALE doing parameter realm = YU.YALE.EDUhttps://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FYU.YALE.EDU&data=02%7C01%7Cbrian.paquin%40yale.edu%7C89c953e0d8f34113324c08d6a13dfce9%7Cdd8cbebb21394df8b4114e3e87abeb5c%7C0%7C0%7C636873684951890998&sdata=yWN4ljW66SYlrwfz3ScYIogX3zXVuiRU8gDlZo4OXkk%3D&reserved=0 doing parameter security = ads doing parameter idmap config * : range = 1677216-33554431 doing parameter idmap config YALE:schema_mode = rfc2307 doing parameter idmap config YALE:range = 100000-199999 doing parameter idmap config YALE:backend = rid doing parameter idmap * : backend = tbd doing parameter dedicated keytab file = /etc/krb5.keytab doing parameter log file = /var/log/samba/log.%m doing parameter log level = 4 doing parameter guest account = nobody doing parameter guest ok = no doing parameter template shell = /sbin/nologin doing parameter kerberos method = system keytab doing parameter store dos attributes = yes doing parameter vfs objects = acl_xattr [2019/03/01 15:53:46.545450, 2] ../source3/param/loadparm.c:2799(lp_do_section) Processing section "[testshare]" doing parameter comment = testshare doing parameter path = /testshare doing parameter valid users = @pathology_its doing parameter writable = yes doing parameter read only = No [2019/03/01 15:53:46.545573, 4] ../source3/param/loadparm.c:3910(lp_load_ex) pm_process() returned Yes [2019/03/01 15:53:46.545604, 3] ../source3/param/loadparm.c:1617(lp_add_ipc) adding IPC service [2019/03/01 15:53:46.545669, 3] ../source3/auth/auth.c:189(auth_check_ntlm_password) check_ntlm_password: Checking password for unmapped user [YALE][btp4]@[PAQUIN3200] with the new password interface [2019/03/01 15:53:46.545691, 3] ../source3/auth/auth.c:192(auth_check_ntlm_password) check_ntlm_password: mapped user is: [YALE][btp4]@[PAQUIN3200] [2019/03/01 15:53:46.545715, 4] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2019/03/01 15:53:46.545735, 4] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2019/03/01 15:53:46.545753, 4] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2019/03/01 15:53:46.545807, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2019/03/01 15:53:46.545828, 2] ../source3/auth/auth.c:332(auth_check_ntlm_password) check_ntlm_password: Authentication for user [btp4] -> [btp4] FAILED with error NT_STATUS_LOGON_FAILURE, authoritative=1 [2019/03/01 15:53:46.545864, 2] ../auth/auth_log.c:760(log_authentication_event_human_readable) Auth: [SMB2,(null)] user [YALE][btp4] at [Fri, 01 Mar 2019 15:53:46.545851 EST] with [NTLMv2] status [NT_STATUS_LOGON_FAILURE] workstation [PAQUIN3200] remote host [ipv4:10.84.2.148:58286] mapped to [YALE][btp4]. local host [ipv4:10.84.2.79:445] [2019/03/01 15:53:46.545899, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2019/03/01 15:53:46.545937, 3] ../auth/gensec/spnego.c:1414(gensec_spnego_server_negTokenTarg_step) gensec_spnego_server_negTokenTarg_step: SPNEGO(ntlmssp) login failed: NT_STATUS_LOGON_FAILURE [2019/03/01 15:53:46.545965, 4] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2019/03/01 15:53:46.545985, 4] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2019/03/01 15:53:46.546002, 4] ../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2019/03/01 15:53:46.546039, 4] ../source3/smbd/sec_ctx.c:438(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2019/03/01 15:53:46.546067, 3] ../source3/smbd/smb2_server.c:3171(smbd_smb2_request_error_ex) smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_LOGON_FAILURE] || at ../source3/smbd/smb2_sesssetup.c:137
My workflow for setting up SSSD and Samba:
- yum install -y sssd realmd adcli samba-common samba-common-tools krb5-workstation openldap-clients ntpdate ntp nss-pam-ldapd policycoreutils-python samba-client samba nano
- realm join ... #shortened command; binding to specific OU; works as expected
- authconfig --enablesssdauth --enablesssd --enablemkhomedir --update
- nano /etc/samba/smb.conf
- testparm
- mkdir /testshare
- id btp4@yu.yale.edumailto:btp4@yu.yale.edu #works as expected
- chown -R root:pathology_its@yu.yale.edumailto:pathology_its@yu.yale.edu /testshare/
- chcon -Rt samba_share_t /testshare/
- kinit btp4
- net ads join -k
- kinit -k CENTOSSSSD$ #name of test server
- /usr/bin/ldapsearch -H ... #shortened command; works as expected
- systemctl enable smb
- systemctl enable nmb
- systemctl start smb
- systemctl start nmb
Which version of Samba are you using. Recent versions of smdb require that winbindd is installed and running as well because some legacy code was removed from smbd and all communication with the AD DCs is not handled by winbindd. Please note that this is only about starting winbindd as well, there is no need to configured the system to use winbindd for authentication or user lookup.
To make sure that winbindd and SSSD have the same idea about IP-mapping idmap options similar to:
idmap config <AD-DOMAIN-SHORTNAME> : backend = sss idmap config <AD-DOMAIN-SHORTNAME> : range = 200000-2147483647
idmap config * : backend = tdb idmap config * : range = 100000-199999
should be added to smb.conf and the sssd-winbind-idmap package should be installed. With this winbindd will ask SSSD for all ID-mappings for the AD-DOMAIN-SHORTNAME domain object and use idmap_tdb for BUITLINs and other objects. If, by chance, you have the sssd-libwbclient package installed you have to remove it, but since it is not listed above I assume it is not installed.
HTH
bye, Sumit
- firewall-cmd --add-service=samba --permanent
- firewall-cmd --reload
I can provide contents of krb5.conf or sssd.conf if needed.
Sorry for the lengthy email.
Thank you,
Brian
sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgetfedora.... List Guidelines: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffedoraproj... List Archives: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.fedo...
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgetfedora.... List Guidelines: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Ffedoraproj... List Archives: https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.fedo...
sssd-users@lists.fedorahosted.org