Hi,
I try sssd-1.9.2 on Ubuntu-Quantal with ad-provider.
So far I can login to the desktop with AD identity;
Login hangs a bit because of unknown group;
What is the best practice to resolve the group (set up PrimaryGroupId, run idmap????)
The option 'default_shell = /bin/bash' in sssd.conf doesn't seem to have
effect.
I would expect it being visible In users info:
getent passwd imadatestuser
imadatestuser:*:332410389:332400513:IMADAtest Testesen:/home/imadatestuser:
In pam.d/common-session I added entry for case of nonexistent homedir reference, and shell - so
ADuser can login.
There is a lot of messages in sssd_nat.c.sdu.dk - for searching principal info for lightdm in AD -
Is it correct? Shouldn't be sssd awared that lightdm is a local service?
.....................
Tue Nov 13 10:29:29 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [pamHandler]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_pam_handler] (0x0100): Got request with the following data
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): command: PAM_OPEN_SESSION
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): domain: nat.c.sdu.dk
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): user: imadatestuser
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): service: lightdm
^^^^^^^^
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): tty: :0
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): ruser:
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): rhost:
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): authtok type: 0
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): authtok size: 0
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): newauthtok type: 0
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): newauthtok size: 0
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): priv: 1
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [pam_print_data] (0x0100): cli_pid: 2564
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_pam_handler] (0x0100): Sending result [0][nat.c.sdu.dk]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): dbus conn: 7063D0
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): Dispatching.
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getDomains]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_subdomains] (0x2000): Undefined backend target.
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): dbus conn: 7063D0
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): Dispatching.
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getAccountInfo]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_account_info] (0x0100): Got request for [4099][1][name=lightdm]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_id_op_connect_step] (0x4000): reusing cached connection
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_send] (0x4000): Retrieving info for initgroups call
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_next_base] (0x0400): Searching for users with base [ou=ADUsers,dc=nat,dc=c,dc=sdu,dc=dk]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(sAMAccountName=lightdm)(objectclass=person))][ou=ADUsers,dc=nat,dc=c,dc=sdu,dc=dk].^
^^^^^^^^^^^^^^
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [objectClass]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [sAMAccountName]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [unixUserPassword]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [uidNumber]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [gidNumber]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [gecos]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [unixHomeDirectory]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [loginShell]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [userPrincipalName]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [name]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [memberOf]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [objectGUID]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [objectSID]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [primaryGroupID]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [whenChanged]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [uSNChanged]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [accountExpires]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x1000): Requesting attrs: [userAccountControl]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x2000): ldap_search_ext called, msgid = 13
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_process_result] (0x2000): Trace: sh[0x6e8e00], connected[1], ops[0x76c190], ldap[0x713300]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_process_message] (0x4000): Message type: [LDAP_RES_SEARCH_RESULT]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no errmsg set
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_user] (0x4000): Receiving info for the user
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_id_op_done] (0x4000): releasing operation connection
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [ldb] (0x4000): tevent: Added timed event "ltdb_callback": 0x7555e0
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [ldb] (0x4000): tevent: Destroying timer event 0x6f8740 "ltdb_timeout"
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [ldb] (0x4000): tevent: Ending timer event 0x6f4c60 "ltdb_callback"
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sysdb_search_groups] (0x2000): No such entry
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sysdb_delete_user] (0x0400): Error: 2 (No such file or directory)
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [acctinfo_callback] (0x0100): Request processed. Returned 0,0,Success
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_process_result] (0x2000): Trace: sh[0x6e8e00], connected[1], ops[(nil)], ldap[0x713300]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_process_result] (0x2000): Trace: ldap_result found nothing!
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): dbus conn: 707F80
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): Dispatching.
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getAccountInfo]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_account_info] (0x0100): Got request for [3][1][name=lightdm]
^^^^^^^^
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_id_op_connect_step] (0x4000): reusing cached connection
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_send] (0x4000): Retrieving info for initgroups call
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_initgr_next_base] (0x0400): Searching for users with base [ou=ADUsers,dc=nat,dc=c,dc=sdu,dc=dk]
(Tue Nov 13 10:29:30 2012) [sssd[be[nat.c.sdu.dk]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(sAMAccountName=lightdm)(objectclass=person))][ou=ADUsers,dc=nat,dc=c,dc=sdu,dc=dk].
......
I can also see a lot of messages:
...
(Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getDomains]
(Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_subdomains] (0x2000): Undefined backend target.
(Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): dbus conn: EA75B0
(Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_dispatch] (0x4000): Dispatching.
(Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [sbus_message_handler] (0x4000): Received SBUS method [getDomains]
(Tue Nov 13 13:10:33 2012) [sssd[be[nat.c.sdu.dk]]] [be_get_subdomains] (0x2000): Undefined backend target.
...
Do I miss specific parameter in sssd.conf?
Thanks in advance
longina