please help.
On ubuntu against AD. Logging in with an AD account works fine.. EXCEPT for just ONE
account. The other AD accounts work fine
It will let me login once.. and when I try to login again, it comes up with access
denied.
BUT... if I do a sssctl cache-remove, it works again .. the first time.
id, and related diagnostics on this account come up fine..
Used realmd to add the machine to AD. sssd.conf below.
Level 10 logs for at first working and not working can be downloaded from
https://intranet.egc.wa.edu.au/downloads/sssd.tar.gz
Please help .. driving me insane :-)
Peter
root@e4182s01sv025:/etc/sssd# more sssd.conf
[sssd]
domains = orange.schools.internal
config_file_version = 2
services = nss, pam ,ifp, sudo
default_domain_suffix = ORANGE.SCHOOLS.INTERNAL
[domain/orange.schools.internal]
ad_domain = orange.schools.internal
krb5_realm = ORANGE.SCHOOLS.INTERNAL
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%d/%u
access_provider = ad
ad_gpo_access_control = permissive
root@e4182s01sv025:/etc/sssd#