Hi community!

 

I integrate sssd with Windows Active Directoy using ldaps and certificates without  entering the linux servers into domain... and I can login sucessully on my linux servers

using correct groups and everythings going well.... but in the logs i'm still watching this kind of issues... what could be ?

[simple_check_get_groups_primary] (0x0040): Could not look up primary group [948600513]: [2][No such file or directory] uid=948609251(emper0r) gid=948600513 groups=948600513,948602187(vcenterfulladmin),948610184(linuxadmin)

this group numbers are from active directory...

 

the other thing is .. in that linux we have on /etc/resolv.conf the ip address of DNS where all records point ok but we receive this errors too.

 

(2021-03-12 14:13:10): [be[mydomain.local]] [resolv_gethostbyname_done] (0x0040): querying hosts database failed [5]: Input/output error

(2021-03-12 14:13:10): [be[mydomain.local]] [sdap_sudo_get_hostnames_done] (0x0040): Could not resolve fqdn for this machine, error [5]: Input/output error, resolver returned: [11]: Could not contact DNS servers

(2021-03-12 14:13:10): [be[mydomain.local]] [sdap_sudo_get_hostinfo_done] (0x0020): Unable to retrieve hostnames [5]: Input/output error

(2021-03-12 14:13:10): [be[mydomain.local]] [sdap_sudo_refresh_hostinfo_done] (0x0040): Unable to retrieve host information, host filter will be disabled [5]: Input/output error

 

Apart of this I can login into linux server with my user from AD specified on linuxadmin group, so works good!

 

OS: CentOS 8

 

Sssd versions

sssd-dbus-2.3.0-9.el8.x86_64

sssd-krb5-common-2.3.0-9.el8.x86_64

sssd-ldap-2.3.0-9.el8.x86_64

sssd-client-2.3.0-9.el8.x86_64

sssd-nfs-idmap-2.3.0-9.el8.x86_64

sssd-krb5-2.3.0-9.el8.x86_64

sssd-proxy-2.3.0-9.el8.x86_64

sssd-ipa-2.3.0-9.el8.x86_64

sssd-ad-2.3.0-9.el8.x86_64

sssd-tools-2.3.0-9.el8.x86_64

sssd-common-2.3.0-9.el8.x86_64

python3-sssdconfig-2.3.0-9.el8.noarch

sssd-kcm-2.3.0-9.el8.x86_64

sssd-common-pac-2.3.0-9.el8.x86_64

sssd-2.3.0-9.el8.x86_64

 

kernel: 4.18.0-240.1.1.el8_3.x86_64



 

APK

 

 

Antonio Peña Díaz
Sistemisti e Sistemi Informativi Interni
Area Tecnica

 

APKAPPA S.r.l. sede legale Via F. Albani, 21  20149 Milano | p.iva/vat no. IT-08543640158
sede amministrativa e operativa Reggio Emilia (RE) via M. K. Gandhi, 24/ A 42123 -  sede operativa Magenta (MI) via Milano, 89/91 20013
tel.  02 94454 000 | fax  02 94454 339 www.apkappa.it
Seguici su:
Facebook LinkedIn Twitter

 

 

Questo messaggio elettronico ed i suoi allegati sono riservati e tutelati dal segreto professionale. Sono rivolti esclusivamente al/ai destinatario/i identificato/i. Pertanto ne è proibita la lettura, copiatura, divulgazione e utilizzazione da parte di chiunque altro non sia autorizzato. Se non siete il destinatario o avete ricevuto questo messaggio per errore, vi invitiamo a cancellare il messaggio ed eventuali allegati dandone immediatamente comunicazione scritta a mezzo posta elettronica al mittente. I dati dell’interessato sono trattati da APKAPPA S.r.l. nel pieno rispetto del Regolamento (UE) 679/2016 e del D.Lgs. 196/2003 s.m.i. Informazioni dettagliate, anche in ordine al diritto di accesso e agli altri diritti, sono disponibili sul sito www.apkappa.it nella sezione PRIVACY.
This message and its attachments are confidential and protected by professional secrecy. They are addressed exclusively to the identified recipient (s). Therefore reading, copying, disclosure and use by anyone else who is not authorized is prohibited. If you are not the recipient or have received this message by mistake, we invite you to delete the message and any attachments by immediately sending written notice to the sender by e-mail. The data of the interested party are processed by APKAPPA Srl in full compliance with the Regulation (EU) 679/2016 and the Legislative Decree 196/2003 s.m.i. Detailed information, including on the right of access and other rights, is available on the website www.apkappa.it in the PRIVACY section