I'm sorry, but the line wraps in your mail are missing, at least that's
how the mail got rendered for me..so I'm having trougle reading the
logs..
Nonetheless, does it help if you add enable_files_domain = false into
the [sssd] section?
On Wed, Jan 24, 2018 at 08:58:11AM -0500, Geoff Goehle wrote:
Thanks for the response. I was on #sssd and someone said that
duplicate usernames like we have is a no go, so I was planning on just removing local
accounts and deal with the fallout. However, I'm
happy to look for a different fix.
Geoff.
- We are using the implicit files provider
- The sssd.conf file is
[domain/place.edu]id_provider = adaccess_provider = ad
ldap_idmap_range_min = 200000ldap_idmap_range_max = 2000200000ldap_idmap_range_size =
800000ldap_pwd_policy = none
sudo_provider = none
debug_level = 8
[sssd]services = nss, pamconfig_file_version = 2domains =
place.edu
[nss]override_shell=/bin/bashoverride_homedir=/home/%ufilter_users =
<stuff>filter_groups = <stuff>
[pam]
- The domain log file is. (There is a failed login attempt in this range of entries, but
it doesn't show up anywhere.)
(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [child_sig_handler] (0x1000): Waiting
for child [19947].(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [child_sig_handler]
(0x0020): child [19947]
failed with status [2].(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[nsupdate_child_handler] (0x0040): Dynamic DNS child failed with status [512](Wed Jan 24
08:53:43 2018) [sssd[be[place.edu]]]
[be_nsupdate_done] (0x0040): nsupdate child execution failed [1432158239]: Dynamic DNS
update failed(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_server_init_new_connection] (0x0200):
Entering.(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_server_init_new_connection] (0x0200): Adding connection 0x55a3326eac70.(Wed Jan 24
08:53:43 2018) [sssd[be[place.edu]]]
[sbus_init_connection] (0x0400): Adding connection 0x55a3326eac70(Wed Jan 24 08:53:43
2018) [sssd[be[place.edu]]] [sbus_add_watch] (0x2000): 0x55a3326d8260/0x55a3326ede90 (19),
-/W (disabled)(Wed Jan
24 08:53:43 2018) [sssd[be[place.edu]]] [sbus_server_init_new_connection] (0x0200): Got a
connection(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_client_init] (0x0100):
Set-up Backend ID
timeout [0x55a3326e7070](Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.DataProvider.Client with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_conn_register_path] (0x0400): Registering object path
/org/freedesktop/sssd/dataprovider with D-Bus
connection(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Properties with path
/org/freedesktop/sssd/dataprovider(Wed
Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400):
Registering interface org.freedesktop.DBus.Introspectable with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24
08:53:43 2018) [sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400): Registering
interface org.freedesktop.sssd.dataprovider with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43
2018) [sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.DataProvider.Backend with path /org/freedesktop/sssd/dataprovider(Wed
Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.DataProvider.Failover with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [sbus_server_init_new_connection] (0x0200): Entering.(Wed Jan 24
08:53:43 2018) [sssd[be[place.edu]]] [sbus_server_init_new_connection] (0x0200): Adding
connection
0x55a3326e8800.(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [sbus_init_connection]
(0x0400): Adding connection 0x55a3326e8800(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_add_watch]
(0x2000): 0x55a3326d8de0/0x55a3326d9630 (20), -/W (disabled)(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [sbus_server_init_new_connection] (0x0200): Got a connection(Wed Jan
24 08:53:43 2018)
[sssd[be[place.edu]]] [dp_client_init] (0x0100): Set-up Backend ID timeout
[0x55a3326f3510](Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.DataProvider.Client with path /org/freedesktop/sssd/dataprovider(Wed
Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [sbus_conn_register_path] (0x0400):
Registering object path
/org/freedesktop/sssd/dataprovider with D-Bus connection(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.DBus.Properties
with path /org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.DBus.Introspectable with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.dataprovider with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.DataProvider.Backend with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.DataProvider.Failover with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_message_handler] (0x2000): Received SBUS method
org.freedesktop.sssd.DataProvider.Client.Register on path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]]
[dp_client_register] (0x0100): Cancel DP ID timeout [0x55a3326f3510](Wed Jan 24 08:53:43
2018) [sssd[be[place.edu]]] [dp_client_register] (0x0100): Added Frontend client [PAM](Wed
Jan 24 08:53:43
2018) [sssd[be[place.edu]]] [sbus_message_handler] (0x2000): Received SBUS method
org.freedesktop.sssd.dataprovider.getDomains on path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit(Wed
Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_attach_req] (0x0400): DP Request
[Subdomains #0]: New request.
Flags [0000].(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_attach_req] (0x0400):
Number of active DP request: 1(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[ad_subdomains_handler_send]
(0x0400): Subdomains were recently refreshed, nothing to do(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [dp_req_done] (0x0400): DP Request [Subdomains #0]: Request handler
finished [0]:
Success(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [_dp_req_recv] (0x0400): DP
Request [Subdomains #0]: Receiving request data.(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]]
[dp_req_reply_list_success] (0x0400): DP Request [Subdomains #0]: Finished. Success.(Wed
Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_req_reply_std] (0x1000): DP Request
[Subdomains #0]: Returning
[Success]: 0,0,Success(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[dp_table_value_destructor] (0x0400): Removing [8:8:0000:<ALL>] from reply table(Wed
Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[dp_req_destructor] (0x0400): DP Request [Subdomains #0]: Request removed.(Wed Jan 24
08:53:43 2018) [sssd[be[place.edu]]] [dp_req_destructor] (0x0400): Number of active DP
request: 0(Wed Jan 24
08:53:43 2018) [sssd[be[place.edu]]] [sbus_message_handler] (0x2000): Received SBUS
method org.freedesktop.sssd.DataProvider.Client.Register on path
/org/freedesktop/sssd/dataprovider(Wed Jan 24
08:53:43 2018) [sssd[be[place.edu]]] [sbus_get_sender_id_send] (0x2000): Not a sysbus
message, quit(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_client_register]
(0x0100): Cancel DP ID timeout
[0x55a3326e7070](Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_client_register]
(0x0100): Added Frontend client [NSS](Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_message_handler]
(0x2000): Received SBUS method org.freedesktop.sssd.dataprovider.getDomains on path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_get_sender_id_send]
(0x2000): Not a sysbus message, quit(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[dp_attach_req] (0x0400): DP Request [Subdomains #1]: New request. Flags [0000].(Wed Jan
24 08:53:43 2018)
[sssd[be[place.edu]]] [dp_attach_req] (0x0400): Number of active DP request: 1(Wed Jan 24
08:53:43 2018) [sssd[be[place.edu]]] [ad_subdomains_handler_send] (0x0400): Subdomains
were recently
refreshed, nothing to do(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_req_done]
(0x0400): DP Request [Subdomains #0]: Request handler finished [0]: Success(Wed Jan 24
08:53:43 2018)
[sssd[be[place.edu]]] [_dp_req_recv] (0x0400): DP Request [Subdomains #0]: Receiving
request data.(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_req_reply_list_success]
(0x0400): DP Request
[Subdomains #0]: Finished. Success.(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[dp_req_reply_std] (0x1000): DP Request [Subdomains #0]: Returning [Success]:
0,0,Success(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [dp_table_value_destructor] (0x0400): Removing
[8:8:0000:<ALL>] from reply table(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[dp_req_destructor] (0x0400): DP Request
[Subdomains #0]: Request removed.(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[dp_req_destructor] (0x0400): Number of active DP request: 0(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]]
[sbus_message_handler] (0x2000): Received SBUS method
org.freedesktop.sssd.DataProvider.Client.Register on path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [dp_client_register] (0x0100): Cancel DP ID timeout
[0x55a3326e7070](Wed Jan 24 08:53:43
2018) [sssd[be[place.edu]]] [dp_client_register] (0x0100): Added Frontend client
[NSS](Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [sbus_message_handler] (0x2000):
Received SBUS method
org.freedesktop.sssd.dataprovider.getDomains on path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[sbus_get_sender_id_send] (0x2000): Not a sysbus message,
quit(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_attach_req] (0x0400): DP Request
[Subdomains #1]: New request. Flags [0000].(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [dp_attach_req]
(0x0400): Number of active DP request: 1(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[ad_subdomains_handler_send] (0x0400): Subdomains were recently refreshed, nothing to
do(Wed Jan 24 08:53:43
2018) [sssd[be[place.edu]]] [dp_req_done] (0x0400): DP Request [Subdomains #1]: Request
handler finished [0]: Success(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[_dp_req_recv] (0x0400): DP
Request [Subdomains #1]: Receiving request data.(Wed Jan 24 08:53:43 2018)
[sssd[be[place.edu]]] [dp_req_reply_list_success] (0x0400): DP Request [Subdomains #1]:
Finished. Success.(Wed Jan 24
08:53:43 2018) [sssd[be[place.edu]]] [dp_req_reply_std] (0x1000): DP Request [Subdomains
#1]: Returning [Success]: 0,0,Success(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]]
[dp_table_value_destructor] (0x0400): Removing [8:8:0000:<ALL>] from reply
table(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_req_destructor] (0x0400): DP
Request [Subdomains #1]: Request
removed.(Wed Jan 24 08:53:43 2018) [sssd[be[place.edu]]] [dp_req_destructor] (0x0400):
Number of active DP request: 0(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[sbus_server_init_new_connection]
(0x0200): Entering.(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[sbus_server_init_new_connection] (0x0200): Adding connection 0x55a3326fa950.(Wed Jan 24
08:53:44 2018) [sssd[be[place.edu]]]
[sbus_init_connection] (0x0400): Adding connection 0x55a3326fa950(Wed Jan 24 08:53:44
2018) [sssd[be[place.edu]]] [sbus_add_watch] (0x2000): 0x55a3326d00c0/0x55a3326fa5b0 (21),
-/W (disabled)(Wed Jan
24 08:53:44 2018) [sssd[be[place.edu]]] [sbus_server_init_new_connection] (0x0200): Got a
connection(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]] [dp_client_init] (0x0100):
Set-up Backend ID
timeout [0x55a3326e7070](Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.DataProvider.Client with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[sbus_conn_register_path] (0x0400): Registering object path
/org/freedesktop/sssd/dataprovider with D-Bus
connection(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Properties with path
/org/freedesktop/sssd/dataprovider(Wed
Jan 24 08:53:44 2018) [sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400):
Registering interface org.freedesktop.DBus.Introspectable with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24
08:53:44 2018) [sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400): Registering
interface org.freedesktop.sssd.dataprovider with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:44
2018) [sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.DataProvider.Backend with path /org/freedesktop/sssd/dataprovider(Wed
Jan 24 08:53:44 2018)
[sssd[be[place.edu]]] [sbus_opath_hash_add_iface] (0x0400): Registering interface
org.freedesktop.sssd.DataProvider.Failover with path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:44 2018)
[sssd[be[place.edu]]] [sbus_message_handler] (0x2000): Received SBUS method
org.freedesktop.sssd.DataProvider.Client.Register on path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:44 2018)
[sssd[be[place.edu]]] [sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit(Wed
Jan 24 08:53:44 2018) [sssd[be[place.edu]]] [dp_client_register] (0x0100): Cancel DP ID
timeout
[0x55a3326e7070](Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]] [dp_client_register]
(0x0100): Added Frontend client [SUDO](Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[sbus_message_handler]
(0x2000): Received SBUS method org.freedesktop.sssd.dataprovider.getDomains on path
/org/freedesktop/sssd/dataprovider(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[sbus_get_sender_id_send]
(0x2000): Not a sysbus message, quit(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[dp_attach_req] (0x0400): DP Request [Subdomains #2]: New request. Flags [0000].(Wed Jan
24 08:53:44 2018)
[sssd[be[place.edu]]] [dp_attach_req] (0x0400): Number of active DP request: 1(Wed Jan 24
08:53:44 2018) [sssd[be[place.edu]]] [ad_subdomains_handler_send] (0x0400): Subdomains
were recently
refreshed, nothing to do(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]] [dp_req_done]
(0x0400): DP Request [Subdomains #2]: Request handler finished [0]: Success(Wed Jan 24
08:53:44 2018)
[sssd[be[place.edu]]] [_dp_req_recv] (0x0400): DP Request [Subdomains #2]: Receiving
request data.(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]] [dp_req_reply_list_success]
(0x0400): DP Request
[Subdomains #2]: Finished. Success.(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[dp_req_reply_std] (0x1000): DP Request [Subdomains #2]: Returning [Success]:
0,0,Success(Wed Jan 24 08:53:44 2018)
[sssd[be[place.edu]]] [dp_table_value_destructor] (0x0400): Removing
[8:8:0000:<ALL>] from reply table(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[dp_req_destructor] (0x0400): DP Request
[Subdomains #2]: Request removed.(Wed Jan 24 08:53:44 2018) [sssd[be[place.edu]]]
[dp_req_destructor] (0x0400): Number of active DP request: 0
On Wed, 2018-01-24 at 14:37 +0100, Jakub Hrozek wrote:
> On Tue, Jan 23, 2018 at 07:44:04PM -0500, goehle(a)gmail.com wrote:
> > Hi,
> >
> > The troubleshooting guide in the docs said to email the list if the System
> > Error (4) shows up, so I figured I bring this issue up. I'm running sssd
> > version 1.16.0 on Debian testing and recently encountered a new behavior.
> > We set up sssd with active directory based authentication on an already
> > established system. For various reasons there are still local passwd
> > users, some of whom also have ad accounts. What used to happen is that the
> > pam/nsswitch stack was set up so that those users would end up with their
> > passwd id. If they had an ad account they could log in with either their
> > shadow password or their ad password. Right after we upgraded from
> > 1.16.0-1 to 1.16.0-2 any local user generated a System Error (4) in the
> > logs and and local users with ad accounts could no longer use their ad
> > passwords (although they could still use their local passwords). There
> > isn't a lot of information in the logs.
>
> Can you also paste your full configuration and the sssd domain log(s) ?
>
> Does sssd on Debian use the implicit files provider (ps would show a
> sssd_be process running with --name implicit_files)
> _______________________________________________
> sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
> To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org