Hello,
I have been struggling for some days now, trying to use sssd with a Active Directory (Windows 2008 R2).

I used realm command as explained here https://fedorahosted.org/sssd/wiki/Configuring_sssd_with_ad_server

I followed this post https://ovalousek.wordpress.com/2015/08/03/autofs but I am unable to make it work.

So far, I can log in, and apply the sudoers rules but the automount won't work.

OS : Fedora 20
sssd-common-pac-1.11.7-5.fc20.x86_64
sssd-proxy-1.11.7-5.fc20.x86_64
python-sssdconfig-1.11.7-5.fc20.noarch
sssd-tools-1.11.7-5.fc20.x86_64
sssd-common-1.11.7-5.fc20.x86_64
sssd-krb5-1.11.7-5.fc20.x86_64
sssd-1.11.7-5.fc20.x86_64
sssd-ldap-1.11.7-5.fc20.x86_64
sssd-ipa-1.11.7-5.fc20.x86_64
sssd-ad-1.11.7-5.fc20.x86_64
sssd-krb5-common-1.11.7-5.fc20.x86_64
sssd-client-1.11.7-5.fc20.x86_64

Any ideas ? Thank you.

autofs OU:
dn: OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: organizationalUnit

dn: CN=auto.master,OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: nisMap
cn: auto.master
nisMapName: auto.master

dn: CN=/homes,CN=auto.master,OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: nisObject
cn: /homes
nisMapName: auto.master
nisMapEntry: ldap:cn=auto.home,ou=autofs,dc=ad,mikdom,dc=org

dn: CN=auto.home,OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: nisMap
cn: auto.home
nisMapName: auto.home

dn: CN=/,CN=auto.home,OU=autofs,DC=ad,DC=mikdom,DC=org
objectClass: top
objectClass: nisObject
cn: /
nisMapName: auto.home
nisMapEntry: -fstype=nfs homeserv:/vol/homes/&


sssd config file :
[sssd]
domains = ad.mikdom.org
config_file_version = 2
services = nss, pam, autofs, sudo

[pam]

[nss]

[domain/ad.mikdom.org]
ad_server = myactived.ad.mikdom.org
ad_domain = ad.mikdom.org
access_provider = ad
auth_provider = ad
access_provider = ad
krb5_realm = AD.MIKDOM.ORG
realmd_tags = manages-system joined-with-adcli 
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
fallback_homedir = /home/%u
use_fully_qualified_names = False


#sudo                                     
sudo_provider = ad                     
ldap_sudo_search_base = ou=SUDOers,dc=ad,dc=mikdom,dc=org
ldap_sudo_full_refresh_interval = 86400
ldap_sudo_smart_refresh_interval = 3600

#autofs
ldap_schema = rfc2307
autofs_provider = ldap
ldap_autofs_entry_key = cn
ldap_autofs_entry_object_class = nisObject
ldap_autofs_entry_value = nisMapEntry
ldap_autofs_map_name = nisMapName
ldap_autofs_map_object_class = nisMap
ldap_autofs_search_base = ou=autofs,dc=ad,dc=mikdom,dc=org

[autofs]

sssd debug :
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'myactived.ad.mikdom.org' as 'working'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [set_server_common_status] (0x0100): Marking server 'myactived.ad.mikdom.org' as 'working'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_get_generic_ext_done] (0x0040): Unexpected result from ldap: Operations error(1), 000004DC: LdapErr: DSID-0C0906E8, comment: In orde
r to perform this operation a successful bind must be completed on the connection., data 0, v1db1
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_get_generic_done] (0x0100): sdap_get_generic_ext_recv failed [5]: Input/output error
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_autofs_setautomntent_done] (0x0040): sdap_get_automntmap_recv failed [5]: Input/output error
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_id_op_done] (0x0200): communication error on cached connection, moving to next server
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'LDAP'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [be_resolve_server_process] (0x0200): Found address for server myactived.ad.mikdom.org: [192.168.200.245] TTL 3600
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_get_server_opts_from_rootdse] (0x0100): Setting AD compatibility level to [4]
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'myactived.ad.mikdom.org' as 'working'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [set_server_common_status] (0x0100): Marking server 'myactived.ad.mikdom.org' as 'working'
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_get_generic_ext_done] (0x0040): Unexpected result from ldap: Operations error(1), 000004DC: LdapErr: DSID-0C0906E8, comment: In orde
r to perform this operation a successful bind must be completed on the connection., data 0, v1db1
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_get_generic_done] (0x0100): sdap_get_generic_ext_recv failed [5]: Input/output error
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_autofs_setautomntent_done] (0x0040): sdap_get_automntmap_recv failed [5]: Input/output error
(Thu Sep 24 16:17:42 2015) [sssd[be[ad.mikdom.org]]] [sdap_id_op_done] (0x0200): communication error on cached connection, moving to next server
(Thu Sep 24 16:17:42 2015) [sssd[autofs]] [lookup_automntmap_cache_updated] (0x0020): Unable to get information from Data Provider
Error: 3, 5, Input/output error
Will try to return what we have in cache