On Mon, Jun 25, 2018 at 05:12:25PM +0200, John Hearns wrote:
After 30 days of running sssd I found that my test workstation no
longer
connected to the domain.
The machine account password had timed out.
I now run a daily cron job using msktutil wihch will auto-update the
password.
However I should not have to do this. sssd should update the machine
password.
I can see entries in the logs such that the machine account password
renewal task is enabled.
Then:
[be_ptask_execute] (0x0400): Task [AD machine account password renewal]:
executing task, timeout 60 seconds
How though can I see if this taks is successful or not?
I realise that if the machine account is less than 30 days old the task
probably silently completes OK without any logging.
Do you have adcli installed?
If you set 'debug_level=7' or higher in the [domain/...] section of
sssd.conf you should be able to find the debug output of adcli in the
logs, it will start with '--- adcli output start---'.
HTH
bye,
Sumit
The version of sssd is 16.1 running on Ubuntu
John Hearns
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/sssd-users@lists.fedorahost...