Hello,
It doesn't help either.
I now get
(Fri Sep 25 10:07:46 2015) [sssd[autofs]] [sss_parse_name_for_domains]
(0x0200): name 'auto.master' matched without domain, user is auto.master
(Fri Sep 25 10:07:46 2015) [sssd[autofs]] [sss_parse_name_for_domains]
(0x0200): using default domain [(null)]
(Fri Sep 25 10:07:46 2015) [sssd[be[ad.mikdom.org]]] [sdap_autofs_handler]
(0x0200): Requested refresh for: auto.master
(Fri Sep 25 10:07:46 2015) [sssd[autofs]] [getautomntent_process] (0x0080):
No entries found
On 25 September 2015 at 09:32, Ondrej Valousek <Ondrej.Valousek(a)s3group.com>
wrote:
Ok,
Try to add:
ldap_sasl_mech = GSSAPI
let me know if it helps.
Ondrej
*From:* sssd-users-bounces(a)lists.fedorahosted.org [mailto:
sssd-users-bounces(a)lists.fedorahosted.org] *On Behalf Of *Fabien CARRE
*Sent:* Thursday, September 24, 2015 3:26 PM
*To:* sssd-users(a)lists.fedorahosted.org
*Subject:* [SSSD-users] Make autofs work with Active Drectory
Hello,
I have been struggling for some days now, trying to use sssd with a Active
Directory (Windows 2008 R2).
I used *realm* command as explained here
https://fedorahosted.org/sssd/wiki/Configuring_sssd_with_ad_server
I followed this post
https://ovalousek.wordpress.com/2015/08/03/autofs
<
https://ovalousek.wordpress.com/2015/08/03/autofs> but I am unable to
make it work.
So far, I can log in, and apply the sudoers rules but the automount won't
work.
OS : Fedora 20
sssd-common-pac-1.11.7-5.fc20.x86_64
sssd-proxy-1.11.7-5.fc20.x86_64
python-sssdconfig-1.11.7-5.fc20.noarch
sssd-tools-1.11.7-5.fc20.x86_64
sssd-common-1.11.7-5.fc20.x86_64
sssd-krb5-1.11.7-5.fc20.x86_64
sssd-1.11.7-5.fc20.x86_64
sssd-ldap-1.11.7-5.fc20.x86_64
sssd-ipa-1.11.7-5.fc20.x86_64
sssd-ad-1.11.7-5.fc20.x86_64
sssd-krb5-common-1.11.7-5.fc20.x86_64
sssd-client-1.11.7-5.fc20.x86_64
Any ideas ? Thank you.
*autofs OU:*
dn: OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: organizationalUnit
dn: CN=auto.master,OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: nisMap
cn: auto.master
nisMapName: auto.master
dn: CN=/homes,CN=auto.master,OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: nisObject
cn: /homes
nisMapName: auto.master
nisMapEntry: ldap:cn=auto.home,ou=autofs,dc=ad,mikdom,dc=org
dn: CN=auto.home,OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: nisMap
cn: auto.home
nisMapName: auto.home
dn: CN=/,CN=auto.home,OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: nisObject
cn: /
nisMapName: auto.home
nisMapEntry: -fstype=nfs homeserv:/vol/homes/&
*sssd config file :*
[sssd]
domains =
ad.mikdom.org
config_file_version = 2
services = nss, pam, autofs, sudo
[pam]
[nss]
[
domain/ad.mikdom.org]
ad_server =
myactived.ad.mikdom.org
ad_domain =
ad.mikdom.org
access_provider = ad
auth_provider = ad
access_provider = ad
krb5_realm =
AD.MIKDOM.ORG
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
fallback_homedir = /home/%u
use_fully_qualified_names = False
#sudo
sudo_provider = ad
ldap_sudo_search_base = ou=SUDOers,dc=ad,dc=mikdom,dc=org
ldap_sudo_full_refresh_interval = 86400
ldap_sudo_smart_refresh_interval = 3600
#autofs
ldap_schema = rfc2307
autofs_provider = ldap
ldap_autofs_entry_key = cn
ldap_autofs_entry_object_class = nisObject
ldap_autofs_entry_value = nisMapEntry
ldap_autofs_map_name = nisMapName
ldap_autofs_map_object_class = nisMap
ldap_autofs_search_base = ou=autofs,dc=ad,dc=mikdom,dc=org
[autofs]
*sssd debug :*
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [fo_set_port_status]
(0x0100): Marking port 389 of server 'myactived.ad.mikdom.org' as
'working'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[set_server_common_status] (0x0100): Marking server '
myactived.ad.mikdom.org' as 'working'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[sdap_get_generic_ext_done] (0x0040): Unexpected result from ldap:
Operations error(1), 000004DC: LdapErr: DSID-0C0906E8, comment: In orde
r to perform this operation a successful bind must be completed on the
connection., data 0, v1db1
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[sdap_get_generic_done] (0x0100): sdap_get_generic_ext_recv failed [5]:
Input/output error
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[sdap_autofs_setautomntent_done] (0x0040): sdap_get_automntmap_recv failed
[5]: Input/output error
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[fo_resolve_service_send] (0x0100): Trying to resolve service 'LDAP'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [resolve_srv_send]
(0x0200): The status of SRV lookup is resolved
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[be_resolve_server_process] (0x0200): Found address for server
myactived.ad.mikdom.org: [192.168.200.245] TTL 3600
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[sdap_get_server_opts_from_rootdse] (0x0100): Setting AD compatibility
level to [4]
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_cli_auth_step]
(0x0100): expire timeout is 900
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [fo_set_port_status]
(0x0100): Marking port 389 of server 'myactived.ad.mikdom.org' as
'working'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[set_server_common_status] (0x0100): Marking server '
myactived.ad.mikdom.org' as 'working'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[sdap_get_generic_ext_done] (0x0040): Unexpected result from ldap:
Operations error(1), 000004DC: LdapErr: DSID-0C0906E8, comment: In orde
r to perform this operation a successful bind must be completed on the
connection., data 0, v1db1
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[sdap_get_generic_done] (0x0100): sdap_get_generic_ext_recv failed [5]:
Input/output error
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]]
[sdap_autofs_setautomntent_done] (0x0040): sdap_get_automntmap_recv failed
[5]: Input/output error
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_id_op_done]
(0x0200): communication error on cached connection, moving to next server
(Thu Sep 24 16:17:42 2015) [sssd[autofs]]
[lookup_automntmap_cache_updated] (0x0020): Unable to get information from
Data Provider
Error: 3, 5, Input/output error
Will try to return what we have in cache
-----
The information contained in this e-mail and in any attachments is confidential and is
designated solely for the attention of the intended recipient(s). If you are not an
intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or
any part thereof. If you have received this e-mail in error, please notify the sender by
return e-mail and delete all copies of this e-mail from your computer system(s). Please
direct any additional queries to: communications(a)s3group.com. Thank You. Silicon and
Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office:
South County Business Park, Leopardstown, Dublin 18.
_______________________________________________
sssd-users mailing list
sssd-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users