After 30 days of running sssd I found that my test workstation no longer connected to the domain.

The machine account password had timed out.

I now run a daily cron job using msktutil wihch will auto-update the password.

However I should not have to do this. sssd should update the machine password.

I can see entries in the logs such that the machine account password renewal task is enabled.

Then:

[be_ptask_execute] (0x0400): Task [AD machine account password renewal]: executing task, timeout 60 seconds

How though can I see if this taks is successful or not?

I realise that if the machine account is less than 30 days old the task probably silently completes OK without any logging.

The version of sssd is 16.1 running on Ubuntu

John Hearns