Hello,
I have this strange effect:
tueilnt-st-test2:/ # sss_cache -U tueilnt-st-test2:/ # finger ne96soh Login: ne96soh Name: Joschi Brauchle Directory: /nas/ei/home/ne96soh Shell: /bin/bash On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01, from mo-brauchle.lnt.ei.tum.de Last login Tue Oct 21 19:15 (CEST) on :0 from console No Mail. No Plan.
tueilnt-st-test2:/ # id ne96soh uid=3036404(ne96soh) gid=3000000(tu00000gv-0defprim) groups=3000000(tu00000gv-0defprim),3404101(tu00000gv-0maallenog),3441052(tueifeigv-0feidrshar),3372549(tueifeigv-0nasadming),3398968(tueifeigv-0mitarbei),3394214(tueilntgv-0sysadmin),3319720(tu00000gv-0maalle),3393702(tueilntgv-0staff),3394681(tueilntgv-0all)
tueilnt-st-test2:/ # finger ne96soh Login: ne96soh Name: ne96soh Directory: /nas/ei/home/ne96soh Shell: /bin/sh On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01, from mo-brauchle.lnt.ei.tum.de Last login Tue Oct 21 19:15 (CEST) on :0 from console No Mail. No Plan.
Also, X login is not possible with the message "user account is disabled". I think this could possibly be related to the shell that X inquires for user ne96soh.
Any suggestions?
Best regards, Joschi Brauchle
I did some further investigation. Here is the sequence of commands that show the problem: --------------- st-test:/ # getent passwd ne96soh ne96soh:*:3036404:3000000:Joschi Brauchle:/home/ne96soh:/bin/bash --------------- st-test:/ # id ne96soh uid=3036404(ne96soh) gid=3000000(tu00000gv-0defprim) groups=3000000(tu00000gv-0defprim),3404101(tu00000gv-0maallenog),3441052(tueifeigv-0feidrshar),3372549(tueifeigv-0nasadming),3398968(tueifeigv-0mitarbei),3394214(tueilntgv-0sysadmin),3319720(tu00000gv-0maalle),3393702(tueilntgv-0staff),3394681(tueilntgv-0all) --------------- st-test:/ # getent passwd ne96soh ne96soh:*:3036404:3000000:ne96soh:/: ---------------
This is the diff of my user record in the SSSD cache_default.ldb database before and after the 'id' command: --- ne96soh.ok.log 2014-10-23 11:43:09.433558359 +0200 +++ ne96soh.broken.log 2014-10-23 11:43:27.112797876 +0200 @@ -1,14 +1,15 @@ -gecos: Joschi Brauchle +gecos: ne96soh -homeDirectory: /home/ne96soh -loginShell: /bin/bash -adAccountExpires: 9223372036854775807 +memberof: <my group1> +memberof: <my group2> ...
Clearly the diff shows that important information is *missing* from my user record after the 'id' command.
Thus, I cannot log into my machine!
Is this a known problem with SSSD 1.12.1?
Best regards, Joschi Brauchle
On 10/21/2014 07:22 PM, Joschi Brauchle wrote:
Hello,
I have this strange effect:
tueilnt-st-test2:/ # sss_cache -U tueilnt-st-test2:/ # finger ne96soh Login: ne96soh Name: Joschi Brauchle Directory: /nas/ei/home/ne96soh Shell: /bin/bash On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01, from mo-brauchle.lnt.ei.tum.de Last login Tue Oct 21 19:15 (CEST) on :0 from console No Mail. No Plan.
tueilnt-st-test2:/ # id ne96soh uid=3036404(ne96soh) gid=3000000(tu00000gv-0defprim) groups=3000000(tu00000gv-0defprim),3404101(tu00000gv-0maallenog),3441052(tueifeigv-0feidrshar),3372549(tueifeigv-0nasadming),3398968(tueifeigv-0mitarbei),3394214(tueilntgv-0sysadmin),3319720(tu00000gv-0maalle),3393702(tueilntgv-0staff),3394681(tueilntgv-0all)
tueilnt-st-test2:/ # finger ne96soh Login: ne96soh Name: ne96soh Directory: /nas/ei/home/ne96soh Shell: /bin/sh On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01, from mo-brauchle.lnt.ei.tum.de Last login Tue Oct 21 19:15 (CEST) on :0 from console No Mail. No Plan.
Also, X login is not possible with the message "user account is disabled". I think this could possibly be related to the shell that X inquires for user ne96soh.
Any suggestions?
Best regards, Joschi Brauchle
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
FYI: Workaround is adding --------------- ad_enable_gc = False --------------- to sssd.conf.
On 10/23/2014 11:54 AM, Joschi Brauchle wrote:
I did some further investigation. Here is the sequence of commands that show the problem:
st-test:/ # getent passwd ne96soh ne96soh:*:3036404:3000000:Joschi Brauchle:/home/ne96soh:/bin/bash
st-test:/ # id ne96soh uid=3036404(ne96soh) gid=3000000(tu00000gv-0defprim) groups=3000000(tu00000gv-0defprim),3404101(tu00000gv-0maallenog),3441052(tueifeigv-0feidrshar),3372549(tueifeigv-0nasadming),3398968(tueifeigv-0mitarbei),3394214(tueilntgv-0sysadmin),3319720(tu00000gv-0maalle),3393702(tueilntgv-0staff),3394681(tueilntgv-0all)
st-test:/ # getent passwd ne96soh ne96soh:*:3036404:3000000:ne96soh:/:
This is the diff of my user record in the SSSD cache_default.ldb database before and after the 'id' command: --- ne96soh.ok.log 2014-10-23 11:43:09.433558359 +0200 +++ ne96soh.broken.log 2014-10-23 11:43:27.112797876 +0200 @@ -1,14 +1,15 @@ -gecos: Joschi Brauchle +gecos: ne96soh -homeDirectory: /home/ne96soh -loginShell: /bin/bash -adAccountExpires: 9223372036854775807 +memberof: <my group1> +memberof: <my group2> ...
Clearly the diff shows that important information is *missing* from my user record after the 'id' command.
Thus, I cannot log into my machine!
Is this a known problem with SSSD 1.12.1?
Best regards, Joschi Brauchle
On 10/21/2014 07:22 PM, Joschi Brauchle wrote:
Hello,
I have this strange effect:
tueilnt-st-test2:/ # sss_cache -U tueilnt-st-test2:/ # finger ne96soh Login: ne96soh Name: Joschi Brauchle Directory: /nas/ei/home/ne96soh Shell: /bin/bash On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01, from mo-brauchle.lnt.ei.tum.de Last login Tue Oct 21 19:15 (CEST) on :0 from console No Mail. No Plan.
tueilnt-st-test2:/ # id ne96soh uid=3036404(ne96soh) gid=3000000(tu00000gv-0defprim) groups=3000000(tu00000gv-0defprim),3404101(tu00000gv-0maallenog),3441052(tueifeigv-0feidrshar),3372549(tueifeigv-0nasadming),3398968(tueifeigv-0mitarbei),3394214(tueilntgv-0sysadmin),3319720(tu00000gv-0maalle),3393702(tueilntgv-0staff),3394681(tueilntgv-0all)
tueilnt-st-test2:/ # finger ne96soh Login: ne96soh Name: ne96soh Directory: /nas/ei/home/ne96soh Shell: /bin/sh On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01, from mo-brauchle.lnt.ei.tum.de Last login Tue Oct 21 19:15 (CEST) on :0 from console No Mail. No Plan.
Also, X login is not possible with the message "user account is disabled". I think this could possibly be related to the shell that X inquires for user ne96soh.
Any suggestions?
Best regards, Joschi Brauchle
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
On Thu, Oct 23, 2014 at 12:13:04PM +0200, Joschi Brauchle wrote:
FYI: Workaround is adding
ad_enable_gc = False
to sssd.conf.
Thank you for finding this. I guess the reason is that the shell and home-directory attributes are not replicated to the global catalog (GC). I opened https://fedorahosted.org/sssd/ticket/2474 to track this.
As a workaround you might want to keep 'ad_enable_gc = False' in your sssd.conf or replicate the related attributes to the GC.
bye, Sumit
On 10/23/2014 11:54 AM, Joschi Brauchle wrote:
I did some further investigation. Here is the sequence of commands that show the problem:
st-test:/ # getent passwd ne96soh ne96soh:*:3036404:3000000:Joschi Brauchle:/home/ne96soh:/bin/bash
st-test:/ # id ne96soh uid=3036404(ne96soh) gid=3000000(tu00000gv-0defprim) groups=3000000(tu00000gv-0defprim),3404101(tu00000gv-0maallenog),3441052(tueifeigv-0feidrshar),3372549(tueifeigv-0nasadming),3398968(tueifeigv-0mitarbei),3394214(tueilntgv-0sysadmin),3319720(tu00000gv-0maalle),3393702(tueilntgv-0staff),3394681(tueilntgv-0all)
st-test:/ # getent passwd ne96soh ne96soh:*:3036404:3000000:ne96soh:/:
This is the diff of my user record in the SSSD cache_default.ldb database before and after the 'id' command: --- ne96soh.ok.log 2014-10-23 11:43:09.433558359 +0200 +++ ne96soh.broken.log 2014-10-23 11:43:27.112797876 +0200 @@ -1,14 +1,15 @@ -gecos: Joschi Brauchle +gecos: ne96soh -homeDirectory: /home/ne96soh -loginShell: /bin/bash -adAccountExpires: 9223372036854775807 +memberof: <my group1> +memberof: <my group2> ...
Clearly the diff shows that important information is *missing* from my user record after the 'id' command.
Thus, I cannot log into my machine!
Is this a known problem with SSSD 1.12.1?
Best regards, Joschi Brauchle
On 10/21/2014 07:22 PM, Joschi Brauchle wrote:
Hello,
I have this strange effect:
tueilnt-st-test2:/ # sss_cache -U tueilnt-st-test2:/ # finger ne96soh Login: ne96soh Name: Joschi Brauchle Directory: /nas/ei/home/ne96soh Shell: /bin/bash On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01, from mo-brauchle.lnt.ei.tum.de Last login Tue Oct 21 19:15 (CEST) on :0 from console No Mail. No Plan.
tueilnt-st-test2:/ # id ne96soh uid=3036404(ne96soh) gid=3000000(tu00000gv-0defprim) groups=3000000(tu00000gv-0defprim),3404101(tu00000gv-0maallenog),3441052(tueifeigv-0feidrshar),3372549(tueifeigv-0nasadming),3398968(tueifeigv-0mitarbei),3394214(tueilntgv-0sysadmin),3319720(tu00000gv-0maalle),3393702(tueilntgv-0staff),3394681(tueilntgv-0all)
tueilnt-st-test2:/ # finger ne96soh Login: ne96soh Name: ne96soh Directory: /nas/ei/home/ne96soh Shell: /bin/sh On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01, from mo-brauchle.lnt.ei.tum.de Last login Tue Oct 21 19:15 (CEST) on :0 from console No Mail. No Plan.
Also, X login is not possible with the message "user account is disabled". I think this could possibly be related to the shell that X inquires for user ne96soh.
Any suggestions?
Best regards, Joschi Brauchle
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
-- Dipl.-Ing. Joschi Brauchle, M.S.
Institute for Communications Engineering (LNT) Technische Universitaet Muenchen (TUM) 80290 Munich, Germany
Tel (work): +49 89 289-23474 Fax (work): +49 89 289-23490 E-mail: joschi.brauchle@tum.de Web: http://www.lnt.ei.tum.de/
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
sssd-users@lists.fedorahosted.org