Hi, I try sssd-1.9.2 on Ubuntu-Quantal with ad-provider.
So far I can login to the desktop with AD identity; Login hangs a bit because of unknown group;
What is the best practice to resolve the group (set up PrimaryGroupId, run idmap????)
The option 'default_shell = /bin/bash' in sssd.conf doesn't seem to have effect. I would expect it being visible In users info:
getent passwd imadatestuser imadatestuser:*:332410389:332400513:IMADAtest Testesen:/home/imadatestuser:
In pam.d/common-session I added entry for case of nonexistent homedir reference, and shell - so ADuser can login.
There is a lot of messages in sssd_nat.c.sdu.dk - for searching principal info for lightdm in AD - Is it correct? Shouldn't be sssd awared that lightdm is a local service?
..................... Tue Nov 13 10:29:29 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [pamHandler] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_pam_handler] (0x0100): Got request with the following data (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): command: PAM_OPEN_SESSION (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): domain: nat.c.sdu.dk (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): user: imadatestuser (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): service: lightdm ^^^^^^^^
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): tty: :0 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): ruser: (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): rhost: (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): authtok size: 0 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): newauthtok size: 0 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): priv: 1 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): cli_pid: 2564 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_pam_handler] (0x0100): Sending result [0][nat.c.sdu.dk] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): dbus conn: 7063D0 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): Dispatching. (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getDomains] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_subdomains] (0x2000): Undefined backend target. (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): dbus conn: 7063D0 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): Dispatching. (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getAccountInfo] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_account_info] (0x0100): Got request for [4099][1][name=lightdm] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_id_op_connect_step] (0x4000): reusing cached connection (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_send] (0x4000): Retrieving info for initgroups call (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_next_base] (0x0400): Searching for users with base [ou=ADUsers,dc=nat,dc=c,dc=sdu,dc=dk] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(sAMAccountName=lightdm)(objectclass=person))][ou=ADUsers,dc=nat,dc=c,dc=sdu,dc=dk].^
^^^^^^^^^^^^^^ (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [objectClass] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [sAMAccountName] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [unixUserPassword] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [uidNumber] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [gidNumber] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [gecos] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [unixHomeDirectory] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [loginShell] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [userPrincipalName] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [name] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [memberOf] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [objectGUID] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [objectSID] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [primaryGroupID] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [whenChanged] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [uSNChanged] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [accountExpires] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [userAccountControl] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x2000): ldap_search_ext called, msgid = 13 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_process_result] (0x2000): Trace: sh[0x6e8e00], connected[1], ops[0x76c190], ldap[0x713300] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_process_message] (0x4000): Message type: [LDAP_RES_SEARCH_RESULT] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg set (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_user] (0x4000): Receiving info for the user (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_id_op_done] (0x4000): releasing operation connection (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [ldb] (0x4000): tevent: Added timed event "ltdb_callback": 0x7555e0 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [ldb] (0x4000): tevent: Destroying timer event 0x6f8740 "ltdb_timeout"
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [ldb] (0x4000): tevent: Ending timer event 0x6f4c60 "ltdb_callback"
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sysdb_search_groups] (0x2000): No such entry (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sysdb_delete_user] (0x0400): Error: 2 (No such file or directory) (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [acctinfo_callback] (0x0100): Request processed. Returned 0,0,Success (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_process_result] (0x2000): Trace: sh[0x6e8e00], connected[1], ops[(nil)], ldap[0x713300] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_process_result] (0x2000): Trace: ldap_result found nothing! (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): dbus conn: 707F80 (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): Dispatching. (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getAccountInfo] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_account_info] (0x0100): Got request for [3][1][name=lightdm]
^^^^^^^^ (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_id_op_connect_step] (0x4000): reusing cached connection (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_send] (0x4000): Retrieving info for initgroups call (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_next_base] (0x0400): Searching for users with base [ou=ADUsers,dc=nat,dc=c,dc=sdu,dc=dk] (Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(sAMAccountName=lightdm)(objectclass=person))][ou=ADUsers,dc=nat,dc=c,dc=sdu,dc=dk]. ......
I can also see a lot of messages:
... (Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getDomains] (Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_subdomains] (0x2000): Undefined backend target. (Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): dbus conn: EA75B0 (Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): Dispatching. (Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getDomains] (Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_subdomains] (0x2000): Undefined backend target. ... Do I miss specific parameter in sssd.conf?
Thanks in advance
longina
sssd-users@lists.fedorahosted.org