Hi again,
The issue with password caching seems to have been solved. However with my 1.15.2 deployment still has one problem which is not present with 1.13. If you log in to a machine when it is offline, you have to reboot the machine or restart the sssd service for any Kerberos tickets to be obtained from the KDC when the machine comes back online.
If I originally login when the machine is offline, I get this ticket: sweston@sflt28:~$ klist Ticket cache: FILE:/tmp/krb5cc_1117605638_HtMNOv Default principal: sweston@SMALLBUSINESS.LAN
Valid starting Expires Service principal 01/01/70 01:00:00 01/01/70 01:00:00 krbtgt/SMALLBUSINESS.LAN@SMALLBUSINESS.LAN
If I log out and login again with the network cable plugged in, I still only have the above ticket. The logs look like this: Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_get_account_info_handler] (0x0200): Got request for [0x3][BE_REQ_INITGROUPS][name=sweston@smallbusiness.lan] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [Initgroups #329]: New request. Flags [0x0001]. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [Initgroups #329]: Receiving request data. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_reply_gen_error] (0x0080): DP Request [Initgroups #329]: Finished. Backend is currently offline. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:3::SMALLBUSINESS.LAN:name=sweston@smallbusiness.lan] from reply table (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [Initgroups #329]: Request removed. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_AUTHENTICATE (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: sudo (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/pts/0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: sweston (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 1 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 3849 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [PAM Authenticate #330]: New request. Flags [0000]. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [krb5_auth_send] (0x0100): Home directory for user [sweston@smallbusiness.lan] not known. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD' (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [get_port_status] (0x0080): SSSD is unable to complete the full connection request, this internal status does not necessarily indicate network port issues. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0020): No available servers for service 'AD' (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_enable] (0x0080): Task [Check if online (periodic)]: already enabled (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_run_offline_cb] (0x0080): Going offline. Running callbacks. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [ts_cache] attrs. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_cache_auth] (0x0100): Hashes do match! (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [PAM Authenticate #330]: Request handler finished [0]: Success (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [PAM Authenticate #330]: Receiving request data. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [PAM Authenticate #330]: Request removed. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400): Target selinux is not configured (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [3857] finished successfully. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task [Subdomains Refresh]: disabling task (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_ACCT_MGMT (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: sudo (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/pts/0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: sweston (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 3849 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [PAM Account #331]: New request. Flags [0000]. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_access_send] (0x0400): Performing access check for user [sweston@smallbusiness.lan] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_account_expired_ad] (0x0400): Performing AD access check for user [sweston@smallbusiness.lan] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_send] (0x0400): service sudo maps to Permitted (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_done] (0x0400): GPO-based access control successful. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [PAM Account #331]: Request handler finished [0]: Success (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [PAM Account #331]: Receiving request data. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [PAM Account #331]: Request removed. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400): Target selinux is not configured (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task [SUDO Smart Refresh]: disabling task (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task [SUDO Full Refresh]: disabling task (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [remove_krb5_info_files] (0x0200): Could not remove [/var/lib/sss/pubconf/kdcinfo.SMALLBUSINESS.LAN], [2][No such file or directory] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [remove_krb5_info_files] (0x0200): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.SMALLBUSINESS.LAN], [2][No such file or directory] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task [AD machine account password renewal]: disabling task
If I restart the sssd service and then lock the screen and login again everything works correctly. I get the ticket that I want: Ticket cache: FILE:/tmp/krb5cc_1117605638_HtMNOv Default principal: sweston@SMALLBUSINESS.LAN
Valid starting Expires Service principal 12/09/17 17:21:24 13/09/17 03:21:24 krbtgt/SMALLBUSINESS.LAN@SMALLBUSINESS.LAN renew until 13/09/17 17:21:24
Logs: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_get_account_info_handler] (0x0200): Got request for [0x3][BE_REQ_INITGROUPS][name=sweston@smallbusiness.lan] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [Initgroups #1]: New request. Flags [0x0001]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD_GC' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolve_srv_send] (0x0200): The status of SRV lookup is neutral (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_send] (0x0400): About to find domain controllers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_dc_servers_send] (0x0400): Looking up domain controllers in domain SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_discover_srv_next_domain] (0x0400): SRV resolution of service 'ldap'. Will use DNS discovery domain 'SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_ldap._tcp.SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got answer. Processing... (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got 2 servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_dc_servers_done] (0x0400): Found 2 domain controllers in domain SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_dcs_done] (0x0400): About to locate suitable site (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_connect_host_send] (0x0400): Resolving host sfbackup02.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of 'sfbackup02.smallbusiness.lan' in files (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record of 'sfbackup02.smallbusiness.lan' in files (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_next] (0x0200): No more address families to retry (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of 'sfbackup02.smallbusiness.lan' in DNS (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_connect_host_resolv_done] (0x0400): Connecting to ldap://sfbackup02.smallbusiness.lan:389 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sssd_async_socket_init_send] (0x0400): Setting 6 seconds timeout for connecting (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_connect_host_done] (0x0400): Successful connection to ldap://sfbackup02.smallbusiness.lan:389 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(DnsDomain=SMALLBUSINESS.LAN)(NtVer=\14\00\00\00))][]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_client_site_done] (0x0400): Found site: Default-First-Site-Name (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_client_site_done] (0x0400): Found forest: SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_site_done] (0x0400): About to discover primary and backup servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_servers_send] (0x0400): Looking up primary servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_discover_srv_next_domain] (0x0400): SRV resolution of service 'gc'. Will use DNS discovery domain 'Default-First-Site-Name._sites.SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_gc._tcp.Default-First-Site-Name._sites.SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got answer. Processing... (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got 2 servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_servers_primary_done] (0x0400): Looking up backup servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_discover_srv_next_domain] (0x0400): SRV resolution of service 'gc'. Will use DNS discovery domain 'SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_gc._tcp.SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got answer. Processing... (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got 2 servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_servers_done] (0x0400): Got 2 primary and 2 backup servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400): Inserted primary server 'sfpdc.smallbusiness.lan:3268' to service 'AD_GC' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400): Inserted primary server 'sfbackup02.smallbusiness.lan:3268' to service 'AD_GC' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400): Server 'sfbackup02.smallbusiness.lan:3268' for service 'AD_GC' is already present (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400): Server 'sfpdc.smallbusiness.lan:3268' for service 'AD_GC' is already present (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_srv_data_status] (0x0100): Marking SRV lookup of service 'AD_GC' as 'resolved' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of 'sfpdc.smallbusiness.lan' in files (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status] (0x0100): Marking server 'sfpdc.smallbusiness.lan' as 'resolving name' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record of 'sfpdc.smallbusiness.lan' in files (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_next] (0x0200): No more address families to retry (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of 'sfpdc.smallbusiness.lan' in DNS (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status] (0x0100): Marking server 'sfpdc.smallbusiness.lan' as 'name resolved' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_resolve_server_process] (0x0200): Found address for server sfpdc.smallbusiness.lan: [192.168.1.7] TTL 3600 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_resolve_callback] (0x0100): Constructed uri 'ldap://sfpdc.smallbusiness.lan' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_resolve_callback] (0x0100): Constructed GC uri 'ldap://sfpdc.smallbusiness.lan:3268' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sssd_async_socket_init_send] (0x0400): Setting 6 seconds timeout for connecting (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_server_opts_from_rootdse] (0x0100): Setting AD compatibility level to [4] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_kinit_send] (0x0400): Attempting kinit (default, SFLT28$, SMALLBUSINESS.LAN, 86400) (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_resolve_server_process] (0x0200): Found address for server sfbackup02.smallbusiness.lan: [192.168.1.3] TTL 3600 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [create_tgt_req_send_buffer] (0x0400): buffer size: 48 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4718] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/ccache_SMALLBUSINESS.LAN], expired on [1505269284] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: gssapi, user: SFLT28$ (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_cli_connect_recv] (0x0400): Connection established. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0100): Marking port 3268 of server 'sfpdc.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status] (0x0100): Marking server 'sfpdc.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0400): Marking port 3268 of duplicate server 'sfpdc.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_initgr_next_base] (0x0400): Searching for users with base [DC=SMALLBUSINESS,DC=LAN] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(sAMAccountName=sweston)(objectclass=user)(objectSID=*))][DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Save user (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_primary_name] (0x0400): Processing object sweston (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Processing user sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Adding original memberOf attributes to [sweston@smallbusiness.lan]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Adding user principal [sweston@SMALLBUSINESS.LAN] to attributes of [sweston@smallbusiness.lan]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Storing info for user sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [ts_cache] attrs. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [no filter][CN=Sam Weston,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-550] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-545] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-544] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-549] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-574] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_initgr_done] (0x0400): Primary group already cached, nothing to do. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [ts_cache] attrs. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [Initgroups #1]: Request handler finished [0]: Success (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [Initgroups #1]: Receiving request data. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_initgr_pp] (0x0400): Ordering NSS responder to update memory cache (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_reply_list_success] (0x0400): DP Request [Initgroups #1]: Finished. Success. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:3::SMALLBUSINESS.LAN:name=sweston@smallbusiness.lan] from reply table (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [Initgroups #1]: Request removed. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_AUTHENTICATE (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: gdm-password (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/tty2 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 4714 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [PAM Authenticate #2]: New request. Flags [0000]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [krb5_auth_send] (0x0100): Home directory for user [sweston@smallbusiness.lan] not known. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_resolve_server_process] (0x0200): Found address for server sfbackup02.smallbusiness.lan: [192.168.1.3] TTL 3600 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'sfbackup02.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status] (0x0100): Marking server 'sfbackup02.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0400): Marking port 389 of duplicate server 'sfbackup02.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [ts_cache] attrs. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [cache, ts_cache] attrs. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [PAM Authenticate #2]: Request handler finished [0]: Success (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [PAM Authenticate #2]: Receiving request data. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [PAM Authenticate #2]: Request removed. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400): Target selinux is not configured (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4719] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_ACCT_MGMT (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: gdm-password (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/tty2 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 4714 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [PAM Account #3]: New request. Flags [0000]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_access_send] (0x0400): Performing access check for user [sweston@smallbusiness.lan] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_account_expired_ad] (0x0400): Performing AD access check for user [sweston@smallbusiness.lan] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_send] (0x0400): service gdm-password maps to Interactive (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_connect_done] (0x0400): sam_account_name is SFLT28$ (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(objectclass=user)(sAMAccountName=SFLT28$))][dc=smallbusiness,dc=lan]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [objectclass=domain][DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_next_done] (0x0400): Found SID [S-1-5-21-3845744863-2409227386-3211111987]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(DnsDomain=SMALLBUSINESS.LAN)(NtVer=\14\00\00\00))][]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_netlogon_done] (0x0400): Found flat name [SMALLBUSINESS]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_netlogon_done] (0x0400): Found site [Default-First-Site-Name]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_netlogon_done] (0x0400): Found forest [SMALLBUSINESS.LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[0]->som_dn is OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[1]->som_dn is OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[2]->som_dn is OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[3]->som_dn is DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[4]->som_dn is cn=Default-First-Site-Name,cn=Sites,CN=Configuration,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list] (0x0400): som_dn: OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list] (0x0400): som_dn: OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list] (0x0400): som_dn: OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list] (0x0400): som_dn: DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn=Default-First-Site-Name,cn=Sites,CN=Configuration,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_get_som_attrs_done] (0x0040): no attrs found for SOM; try next SOM (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[0]->gpo_dn: CN={7D28B004-B249-49B0-A8CE-BA2A0B9F56EA},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[1]->gpo_dn: CN={7F8D8A41-8831-4EF1-990F-3AECF333E735},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[2]->gpo_dn: CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[3]->gpo_dn: cn={BA4389F2-AD33-4678-BF30-44D81E900008},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[4]->gpo_dn: cn={5F743845-71B6-4CDF-965F-20360E51C01A},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[5]->gpo_dn: cn={8FC54817-BD35-4D6F-AB72-E799C66667E8},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[6]->gpo_dn: cn={CED4E066-9ADF-47A5-8F92-BBDDB522A034},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[7]->gpo_dn: cn={6ECD6877-791E-4F38-9945-EFAF733C3475},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[8]->gpo_dn: cn={CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[9]->gpo_dn: cn={57EF63D0-BF6F-4079-BD9B-9D896BB9A495},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[10]->gpo_dn: cn={29274130-3B70-4A97-AB38-25EA9D8D0F67},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[11]->gpo_dn: cn={D6B5C6DF-114E-49FC-976E-5B8893FA1E27},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[12]->gpo_dn: cn={3452D745-B138-4799-A555-1EBFB3654704},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[13]->gpo_dn: cn={B42D8E08-C289-436C-8E31-BD3DD2A415DC},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[14]->gpo_dn: cn={355444B3-99ED-4D77-B9EC-BAF3EAA17AA7},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [CN={7D28B004-B249-49B0-A8CE-BA2A0B9F56EA},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][CN={7D28B004-B249-49B0-A8CE-BA2A0B9F56EA},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [CN={7F8D8A41-8831-4EF1-990F-3AECF333E735},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][CN={7F8D8A41-8831-4EF1-990F-3AECF333E735},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={BA4389F2-AD33-4678-BF30-44D81E900008},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={BA4389F2-AD33-4678-BF30-44D81E900008},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={5F743845-71B6-4CDF-965F-20360E51C01A},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={5F743845-71B6-4CDF-965F-20360E51C01A},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={8FC54817-BD35-4D6F-AB72-E799C66667E8},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={8FC54817-BD35-4D6F-AB72-E799C66667E8},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={CED4E066-9ADF-47A5-8F92-BBDDB522A034},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={CED4E066-9ADF-47A5-8F92-BBDDB522A034},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={6ECD6877-791E-4F38-9945-EFAF733C3475},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={6ECD6877-791E-4F38-9945-EFAF733C3475},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={57EF63D0-BF6F-4079-BD9B-9D896BB9A495},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={57EF63D0-BF6F-4079-BD9B-9D896BB9A495},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={29274130-3B70-4A97-AB38-25EA9D8D0F67},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={29274130-3B70-4A97-AB38-25EA9D8D0F67},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={D6B5C6DF-114E-49FC-976E-5B8893FA1E27},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={D6B5C6DF-114E-49FC-976E-5B8893FA1E27},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={3452D745-B138-4799-A555-1EBFB3654704},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={3452D745-B138-4799-A555-1EBFB3654704},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={B42D8E08-C289-436C-8E31-BD3DD2A415DC},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={B42D8E08-C289-436C-8E31-BD3DD2A415DC},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={355444B3-99ED-4D77-B9EC-BAF3EAA17AA7},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={355444B3-99ED-4D77-B9EC-BAF3EAA17AA7},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[0]->gpo_guid is {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[1]->gpo_guid is {7F8D8A41-8831-4EF1-990F-3AECF333E735} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[2]->gpo_guid is {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[3]->gpo_guid is {5F743845-71B6-4CDF-965F-20360E51C01A} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[4]->gpo_guid is {8FC54817-BD35-4D6F-AB72-E799C66667E8} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[5]->gpo_guid is {CED4E066-9ADF-47A5-8F92-BBDDB522A034} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[6]->gpo_guid is {6ECD6877-791E-4F38-9945-EFAF733C3475} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[7]->gpo_guid is {CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[8]->gpo_guid is {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[9]->gpo_guid is {29274130-3B70-4A97-AB38-25EA9D8D0F67} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[10]->gpo_guid is {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[11]->gpo_guid is {3452D745-B138-4799-A555-1EBFB3654704} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[12]->gpo_guid is {B42D8E08-C289-436C-8E31-BD3DD2A415DC} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[13]->gpo_guid is {355444B3-99ED-4D77-B9EC-BAF3EAA17AA7} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): cse_filtered_gpos[0]->gpo_guid is {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): cse_filtered_gpos[1]->gpo_guid is {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): cse_filtered_gpos[2]->gpo_guid is {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): cse_filtered_gpos[3]->gpo_guid is {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): num_cse_filtered_gpos: 4 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_delete_gpo_result_object] (0x0400): Deleting GPO Result object (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse filtered_gpos[0]->gpo_guid is {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_server: smb://sfpdc.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_share: /SysVol (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_path: /SMALLBUSINESS.LAN/Policies/{7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): gpo_guid: {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): retrieving GPO from cache [{7D28B004-B249-49B0-A8CE-BA2A0B9F56EA}] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): send_to_child: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cached_gpt_version: 655593 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400): sysvol_gpt_version: 655593 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400): gpo_guid: {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse filtered_gpos[1]->gpo_guid is {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_server: smb://sfpdc.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_share: /SysVol (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_path: /SMALLBUSINESS.LAN/Policies/{BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): gpo_guid: {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): retrieving GPO from cache [{BA4389F2-AD33-4678-BF30-44D81E900008}] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): send_to_child: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cached_gpt_version: 10 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0020): waitpid did not found a child with changed status. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4722] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400): sysvol_gpt_version: 10 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400): gpo_guid: {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_store_policy_settings] (0x0020): [/var/lib/sss/gpo_cache/SMALLBUSINESS.LAN/Policies/{BA4389F2-AD33-4678-BF30-44D81E900008}/Machine/Microsoft/Windows NT/SecEdit/GptTmpl.inf]: ini_config_parse failed [5][Input/output error] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_store_policy_settings] (0x0020): Error (5) on line 7: Equal sign is missing. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_store_policy_settings] (0x0020): Error (5) on line 8: Equal sign is missing. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse filtered_gpos[2]->gpo_guid is {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_server: smb://sfpdc.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_share: /SysVol (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_path: /SMALLBUSINESS.LAN/Policies/{57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): gpo_guid: {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): retrieving GPO from cache [{57EF63D0-BF6F-4079-BD9B-9D896BB9A495}] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): send_to_child: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cached_gpt_version: 8 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0020): waitpid did not found a child with changed status. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4724] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400): sysvol_gpt_version: 8 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400): gpo_guid: {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_store_gpo_result_setting] (0x0400): Storing setting: key [SeDenyInteractiveLogonRight] value [*S-1-5-21-3845744863-2409227386-3211111987-3806] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_store_gpo_result_setting] (0x0400): Updating setting: key [SeDenyRemoteInteractiveLogonRight] value [*S-1-5-21-3845744863-2409227386-3211111987-3806] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse filtered_gpos[3]->gpo_guid is {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_server: smb://sfpdc.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_share: /SysVol (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_path: /SMALLBUSINESS.LAN/Policies/{D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): gpo_guid: {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): retrieving GPO from cache [{D6B5C6DF-114E-49FC-976E-5B8893FA1E27}] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): send_to_child: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cached_gpt_version: 262220 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0020): waitpid did not found a child with changed status. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4726] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400): sysvol_gpt_version: 262220 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400): gpo_guid: {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_get_gpo_result_setting] (0x0400): key [SeInteractiveLogonRight] value [(null)] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [parse_policy_setting_value] (0x0400): No value for key [SeInteractiveLogonRight] found in gpo result (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_get_gpo_result_setting] (0x0400): key [SeDenyInteractiveLogonRight] value [*S-1-5-21-3845744863-2409227386-3211111987-3806] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): RESULTANT POLICY: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): gpo_map_type: Interactive (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): allowed_size = 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): denied_size = 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): denied_sids[0] = S-1-5-21-3845744863-2409227386-3211111987-3806 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): CURRENT USER: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): user_sid = S-1-5-21-3845744863-2409227386-3211111987-5638 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[0] = S-1-5-21-3845744863-2409227386-3211111987-5652 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[1] = S-1-5-21-3845744863-2409227386-3211111987-5656 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[2] = S-1-5-21-3845744863-2409227386-3211111987-3798 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[3] = S-1-5-21-3845744863-2409227386-3211111987-5655 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[4] = S-1-5-21-3845744863-2409227386-3211111987-5659 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[5] = S-1-5-21-3845744863-2409227386-3211111987-5653 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[6] = S-1-5-21-3845744863-2409227386-3211111987-5660 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[7] = S-1-5-21-3845744863-2409227386-3211111987-5663 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[8] = S-1-5-21-3845744863-2409227386-3211111987-5732 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[9] = S-1-5-21-3845744863-2409227386-3211111987-3722 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[10] = S-1-5-21-3845744863-2409227386-3211111987-5709 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[11] = S-1-5-21-3845744863-2409227386-3211111987-512 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[12] = S-1-5-21-3845744863-2409227386-3211111987-3823 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[13] = S-1-5-21-3845744863-2409227386-3211111987-5654 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[14] = S-1-5-21-3845744863-2409227386-3211111987-513 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[15] = S-1-5-21-3845744863-2409227386-3211111987-3665 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[16] = S-1-5-21-3845744863-2409227386-3211111987-3737 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[17] = S-1-5-21-3845744863-2409227386-3211111987-3754 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[18] = S-1-5-21-3845744863-2409227386-3211111987-5665 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[19] = S-1-5-21-3845744863-2409227386-3211111987-3715 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[20] = S-1-5-21-3845744863-2409227386-3211111987-5661 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[21] = S-1-5-21-3845744863-2409227386-3211111987-3812 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[22] = S-1-5-21-3845744863-2409227386-3211111987-572 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[23] = S-1-5-21-3845744863-2409227386-3211111987-3610 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[24] = S-1-5-21-3845744863-2409227386-3211111987-1182 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[25] = S-1-5-21-3845744863-2409227386-3211111987-1627 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[26] = S-1-5-21-3845744863-2409227386-3211111987-1630 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[27] = S-1-5-21-3845744863-2409227386-3211111987-1767 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[28] = S-1-5-21-3845744863-2409227386-3211111987-1628 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[29] = S-1-5-21-3845744863-2409227386-3211111987-2354 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[30] = S-1-5-21-3845744863-2409227386-3211111987-1625 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[31] = S-1-5-21-3845744863-2409227386-3211111987-1766 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[32] = S-1-5-21-3845744863-2409227386-3211111987-1768 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[33] = S-1-5-21-3845744863-2409227386-3211111987-3667 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[34] = S-1-5-21-3845744863-2409227386-3211111987-3759 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[35] = S-1-5-11 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): POLICY DECISION: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): access_granted = 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): access_denied = 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_done] (0x0400): GPO-based access control successful. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [PAM Account #3]: Request handler finished [0]: Success (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [PAM Account #3]: Receiving request data. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [PAM Account #3]: Request removed. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400): Target selinux is not configured (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4728] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_SETCRED (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: gdm-password (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/tty2 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 4714 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set
My config: [sssd] config_file_version = 2 reconnection_retries = 3 services = nss,pam domains = SMALLBUSINESS.LAN offline_timeout = 10 debug_level = 6 [nss] debug_level = 6 [pam] debug_level = 6 [domain/SMALLBUSINESS.LAN] debug_level = 6 access_provider = ad ad_domain = SMALLBUSINESS.LAN ad_gpo_access_control = permissive cache_credentials = True default_shell = /bin/bash fallback_homedir = /home/%u id_provider = ad krb5_store_password_if_offline = True ldap_id_mapping = True realmd_tags = manages-system joined-with-samba
The offline_timeout line is a recent addition which doesn't seem to have helped. I guess my question is why I have to restart SSSD for it "realise" that it's back online. Ideally I would like it to get a kerberos ticket as soon as it comes online which I guess it should do with the krb5_store_password_if_offline option set?
Thanks for all your help Sam
On Wed, 2017-09-27 at 15:30 +0000, Sam Weston wrote:
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi again,
The issue with password caching seems to have been solved. However with my 1.15.2 deployment still has one problem which is not present with 1.13. If you log in to a machine when it is offline, you have to reboot the machine or restart the sssd service for any Kerberos tickets to be obtained from the KDC when the machine comes back online.
This sounds similar to my problem and that one was fixed in 1.15.3, I cannot remember the ticket nr now :(
Jocke
If I originally login when the machine is offline, I get this ticket: sweston@sflt28:~$ klist Ticket cache: FILE:/tmp/krb5cc_1117605638_HtMNOv Default principal: sweston@SMALLBUSINESS.LAN
Valid starting Expires Service principal 01/01/70 01:00:00 01/01/70 01:00:00 krbtgt/SMALLBUSINESS.LAN@SMALLBUSINESS.LAN
If I log out and login again with the network cable plugged in, I still only have the above ticket. The logs look like this: Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_get_account_info_handler] (0x0200): Got request for [0x3][BE_REQ_INITGROUPS][name=sweston@smallbusiness.lan] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [Initgroups #329]: New request. Flags [0x0001]. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [Initgroups #329]: Receiving request data. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_reply_gen_error] (0x0080): DP Request [Initgroups #329]: Finished. Backend is currently offline. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:3::SMALLBUSINESS.LAN:name=sweston@smallbusiness.lan] from reply table (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [Initgroups #329]: Request removed. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_AUTHENTICATE (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: sudo (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/pts/0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: sweston (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 1 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 3849 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [PAM Authenticate #330]: New request. Flags [0000]. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [krb5_auth_send] (0x0100): Home directory for user [sweston@smallbusiness.lan] not known. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD' (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [get_port_status] (0x0080): SSSD is unable to complete the full connection request, this internal status does not necessarily indicate network port issues. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0020): No available servers for service 'AD' (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_enable] (0x0080): Task [Check if online (periodic)]: already enabled (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_run_offline_cb] (0x0080): Going offline. Running callbacks. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [ts_cache] attrs. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_cache_auth] (0x0100): Hashes do match! (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [PAM Authenticate #330]: Request handler finished [0]: Success (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [PAM Authenticate #330]: Receiving request data. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [PAM Authenticate #330]: Request removed. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400): Target selinux is not configured (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [3857] finished successfully. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task [Subdomains Refresh]: disabling task (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_ACCT_MGMT (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: sudo (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/pts/0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: sweston (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 3849 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [PAM Account #331]: New request. Flags [0000]. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_access_send] (0x0400): Performing access check for user [sweston@smallbusiness.lan] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_account_expired_ad] (0x0400): Performing AD access check for user [sweston@smallbusiness.lan] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_send] (0x0400): service sudo maps to Permitted (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_done] (0x0400): GPO-based access control successful. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [PAM Account #331]: Request handler finished [0]: Success (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [PAM Account #331]: Receiving request data. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [PAM Account #331]: Request removed. (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400): Target selinux is not configured (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task [SUDO Smart Refresh]: disabling task (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task [SUDO Full Refresh]: disabling task (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [remove_krb5_info_files] (0x0200): Could not remove [/var/lib/sss/pubconf/kdcinfo.SMALLBUSINESS.LAN], [2][No such file or directory] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [remove_krb5_info_files] (0x0200): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.SMALLBUSINESS.LAN], [2][No such file or directory] (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400): Back end is offline (Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task [AD machine account password renewal]: disabling task
If I restart the sssd service and then lock the screen and login again everything works correctly. I get the ticket that I want: Ticket cache: FILE:/tmp/krb5cc_1117605638_HtMNOv Default principal: sweston@SMALLBUSINESS.LAN
Valid starting Expires Service principal 12/09/17 17:21:24 13/09/17 03:21:24 krbtgt/SMALLBUSINESS.LAN@SMALLBUSINESS.LAN renew until 13/09/17 17:21:24
Logs: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_get_account_info_handler] (0x0200): Got request for [0x3][BE_REQ_INITGROUPS][name=sweston@smallbusiness.lan] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [Initgroups #1]: New request. Flags [0x0001]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD_GC' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolve_srv_send] (0x0200): The status of SRV lookup is neutral (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_send] (0x0400): About to find domain controllers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_dc_servers_send] (0x0400): Looking up domain controllers in domain SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_discover_srv_next_domain] (0x0400): SRV resolution of service 'ldap'. Will use DNS discovery domain 'SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_ldap._tcp.SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got answer. Processing... (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got 2 servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_dc_servers_done] (0x0400): Found 2 domain controllers in domain SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_dcs_done] (0x0400): About to locate suitable site (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_connect_host_send] (0x0400): Resolving host sfbackup02.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of 'sfbackup02.smallbusiness.lan' in files (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record of 'sfbackup02.smallbusiness.lan' in files (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_next] (0x0200): No more address families to retry (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of 'sfbackup02.smallbusiness.lan' in DNS (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_connect_host_resolv_done] (0x0400): Connecting to ldap://sfbackup02.smallbusiness.lan:389 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sssd_async_socket_init_send] (0x0400): Setting 6 seconds timeout for connecting (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_connect_host_done] (0x0400): Successful connection to ldap://sfbackup02.smallbusiness.lan:389 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(DnsDomain=SMALLBUSINESS.LAN)(NtVer=\14\00\00\00))][]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_client_site_done] (0x0400): Found site: Default-First-Site-Name (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_client_site_done] (0x0400): Found forest: SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_site_done] (0x0400): About to discover primary and backup servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_servers_send] (0x0400): Looking up primary servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_discover_srv_next_domain] (0x0400): SRV resolution of service 'gc'. Will use DNS discovery domain 'Default-First-Site-Name._sites.SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_gc._tcp.Default-First-Site-Name._sites.SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got answer. Processing... (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got 2 servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_servers_primary_done] (0x0400): Looking up backup servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_discover_srv_next_domain] (0x0400): SRV resolution of service 'gc'. Will use DNS discovery domain 'SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_getsrv_send] (0x0100): Trying to resolve SRV record of '_gc._tcp.SMALLBUSINESS.LAN' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got answer. Processing... (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400): Got 2 servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_servers_done] (0x0400): Got 2 primary and 2 backup servers (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400): Inserted primary server 'sfpdc.smallbusiness.lan:3268' to service 'AD_GC' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400): Inserted primary server 'sfbackup02.smallbusiness.lan:3268' to service 'AD_GC' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400): Server 'sfbackup02.smallbusiness.lan:3268' for service 'AD_GC' is already present (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400): Server 'sfpdc.smallbusiness.lan:3268' for service 'AD_GC' is already present (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_srv_data_status] (0x0100): Marking SRV lookup of service 'AD_GC' as 'resolved' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of 'sfpdc.smallbusiness.lan' in files (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status] (0x0100): Marking server 'sfpdc.smallbusiness.lan' as 'resolving name' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record of 'sfpdc.smallbusiness.lan' in files (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_next] (0x0200): No more address families to retry (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of 'sfpdc.smallbusiness.lan' in DNS (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor] (0x0400): Deleting request watch (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status] (0x0100): Marking server 'sfpdc.smallbusiness.lan' as 'name resolved' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_resolve_server_process] (0x0200): Found address for server sfpdc.smallbusiness.lan: [192.168.1.7] TTL 3600 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_resolve_callback] (0x0100): Constructed uri 'ldap://sfpdc.smallbusiness.lan' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_resolve_callback] (0x0100): Constructed GC uri 'ldap://sfpdc.smallbusiness.lan:3268' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sssd_async_socket_init_send] (0x0400): Setting 6 seconds timeout for connecting (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_server_opts_from_rootdse] (0x0100): Setting AD compatibility level to [4] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_kinit_send] (0x0400): Attempting kinit (default, SFLT28$, SMALLBUSINESS.LAN, 86400) (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_resolve_server_process] (0x0200): Found address for server sfbackup02.smallbusiness.lan: [192.168.1.3] TTL 3600 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [create_tgt_req_send_buffer] (0x0400): buffer size: 48 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_tgt_child_timeout] (0x0400): Setting 6 seconds timeout for tgt child (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4718] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_tgt_recv] (0x0400): Child responded: 0 [FILE:/var/lib/sss/db/ccache_SMALLBUSINESS.LAN], expired on [1505269284] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_cli_auth_step] (0x0100): expire timeout is 900 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: gssapi, user: SFLT28$ (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_cli_connect_recv] (0x0400): Connection established. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0100): Marking port 3268 of server 'sfpdc.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status] (0x0100): Marking server 'sfpdc.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0400): Marking port 3268 of duplicate server 'sfpdc.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_initgr_next_base] (0x0400): Searching for users with base [DC=SMALLBUSINESS,DC=LAN] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(sAMAccountName=sweston)(objectclass=user)(objectSID=*))][DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Save user (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_primary_name] (0x0400): Processing object sweston (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Processing user sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Adding original memberOf attributes to [sweston@smallbusiness.lan]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Adding user principal [sweston@SMALLBUSINESS.LAN] to attributes of [sweston@smallbusiness.lan]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Storing info for user sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [ts_cache] attrs. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [no filter][CN=Sam Weston,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-550] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-545] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-544] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-549] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix] (0x0400): Object SID [S-1-5-32-574] is a built-in one. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_initgr_done] (0x0400): Primary group already cached, nothing to do. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [ts_cache] attrs. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [Initgroups #1]: Request handler finished [0]: Success (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [Initgroups #1]: Receiving request data. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_initgr_pp] (0x0400): Ordering NSS responder to update memory cache (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_reply_list_success] (0x0400): DP Request [Initgroups #1]: Finished. Success. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_table_value_destructor] (0x0400): Removing [0:1:0x0001:3::SMALLBUSINESS.LAN:name=sweston@smallbusiness.lan] from reply table (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [Initgroups #1]: Request removed. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_AUTHENTICATE (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: gdm-password (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/tty2 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 4714 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [PAM Authenticate #2]: New request. Flags [0000]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [krb5_auth_send] (0x0100): Home directory for user [sweston@smallbusiness.lan] not known. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'AD' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolve_srv_send] (0x0200): The status of SRV lookup is resolved (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_resolve_server_process] (0x0200): Found address for server sfbackup02.smallbusiness.lan: [192.168.1.3] TTL 3600 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0100): Marking port 389 of server 'sfbackup02.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status] (0x0100): Marking server 'sfbackup02.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0400): Marking port 389 of duplicate server 'sfbackup02.smallbusiness.lan' as 'working' (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [ts_cache] attrs. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200): Entry [name=sweston@smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set [cache, ts_cache] attrs. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [PAM Authenticate #2]: Request handler finished [0]: Success (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [PAM Authenticate #2]: Receiving request data. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [PAM Authenticate #2]: Request removed. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400): Target selinux is not configured (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4719] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_ACCT_MGMT (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: gdm-password (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/tty2 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 4714 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP Request [PAM Account #3]: New request. Flags [0000]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number of active DP request: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_access_send] (0x0400): Performing access check for user [sweston@smallbusiness.lan] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_account_expired_ad] (0x0400): Performing AD access check for user [sweston@smallbusiness.lan] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_send] (0x0400): service gdm-password maps to Interactive (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_connect_done] (0x0400): sam_account_name is SFLT28$ (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(objectclass=user)(sAMAccountName=SFLT28$))][dc=smallbusiness,dc=lan]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [objectclass=domain][DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_next_done] (0x0400): Found SID [S-1-5-21-3845744863-2409227386-3211111987]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(DnsDomain=SMALLBUSINESS.LAN)(NtVer=\14\00\00\00))][]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_netlogon_done] (0x0400): Found flat name [SMALLBUSINESS]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_netlogon_done] (0x0400): Found site [Default-First-Site-Name]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_netlogon_done] (0x0400): Found forest [SMALLBUSINESS.LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[0]->som_dn is OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[1]->som_dn is OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[2]->som_dn is OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[3]->som_dn is DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done] (0x0400): som_list[4]->som_dn is cn=Default-First-Site-Name,cn=Sites,CN=Configuration,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list] (0x0400): som_dn: OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list] (0x0400): som_dn: OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list] (0x0400): som_dn: OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list] (0x0400): som_dn: DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn=Default-First-Site-Name,cn=Sites,CN=Configuration,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_get_som_attrs_done] (0x0040): no attrs found for SOM; try next SOM (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[0]->gpo_dn: CN={7D28B004-B249-49B0-A8CE-BA2A0B9F56EA},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[1]->gpo_dn: CN={7F8D8A41-8831-4EF1-990F-3AECF333E735},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[2]->gpo_dn: CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[3]->gpo_dn: cn={BA4389F2-AD33-4678-BF30-44D81E900008},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[4]->gpo_dn: cn={5F743845-71B6-4CDF-965F-20360E51C01A},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[5]->gpo_dn: cn={8FC54817-BD35-4D6F-AB72-E799C66667E8},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[6]->gpo_dn: cn={CED4E066-9ADF-47A5-8F92-BBDDB522A034},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[7]->gpo_dn: cn={6ECD6877-791E-4F38-9945-EFAF733C3475},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[8]->gpo_dn: cn={CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[9]->gpo_dn: cn={57EF63D0-BF6F-4079-BD9B-9D896BB9A495},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[10]->gpo_dn: cn={29274130-3B70-4A97-AB38-25EA9D8D0F67},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[11]->gpo_dn: cn={D6B5C6DF-114E-49FC-976E-5B8893FA1E27},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[12]->gpo_dn: cn={3452D745-B138-4799-A555-1EBFB3654704},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[13]->gpo_dn: cn={B42D8E08-C289-436C-8E31-BD3DD2A415DC},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos] (0x0400): candidate_gpos[14]->gpo_dn: cn={355444B3-99ED-4D77-B9EC-BAF3EAA17AA7},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [CN={7D28B004-B249-49B0-A8CE-BA2A0B9F56EA},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][CN={7D28B004-B249-49B0-A8CE-BA2A0B9F56EA},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [CN={7F8D8A41-8831-4EF1-990F-3AECF333E735},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][CN={7F8D8A41-8831-4EF1-990F-3AECF333E735},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={BA4389F2-AD33-4678-BF30-44D81E900008},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={BA4389F2-AD33-4678-BF30-44D81E900008},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={5F743845-71B6-4CDF-965F-20360E51C01A},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={5F743845-71B6-4CDF-965F-20360E51C01A},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={8FC54817-BD35-4D6F-AB72-E799C66667E8},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={8FC54817-BD35-4D6F-AB72-E799C66667E8},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={CED4E066-9ADF-47A5-8F92-BBDDB522A034},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={CED4E066-9ADF-47A5-8F92-BBDDB522A034},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={6ECD6877-791E-4F38-9945-EFAF733C3475},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={6ECD6877-791E-4F38-9945-EFAF733C3475},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={57EF63D0-BF6F-4079-BD9B-9D896BB9A495},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={57EF63D0-BF6F-4079-BD9B-9D896BB9A495},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={29274130-3B70-4A97-AB38-25EA9D8D0F67},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={29274130-3B70-4A97-AB38-25EA9D8D0F67},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={D6B5C6DF-114E-49FC-976E-5B8893FA1E27},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={D6B5C6DF-114E-49FC-976E-5B8893FA1E27},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={3452D745-B138-4799-A555-1EBFB3654704},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={3452D745-B138-4799-A555-1EBFB3654704},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={B42D8E08-C289-436C-8E31-BD3DD2A415DC},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={B42D8E08-C289-436C-8E31-BD3DD2A415DC},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400): Searching entry [cn={355444B3-99ED-4D77-B9EC-BAF3EAA17AA7},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN] using SD (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send] (0x0400): WARNING: Disabling paging because scope is set to base. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(objectclass=*)][cn={355444B3-99ED-4D77-B9EC-BAF3EAA17AA7},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[0]->gpo_guid is {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[1]->gpo_guid is {7F8D8A41-8831-4EF1-990F-3AECF333E735} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[2]->gpo_guid is {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[3]->gpo_guid is {5F743845-71B6-4CDF-965F-20360E51C01A} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[4]->gpo_guid is {8FC54817-BD35-4D6F-AB72-E799C66667E8} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[5]->gpo_guid is {CED4E066-9ADF-47A5-8F92-BBDDB522A034} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[6]->gpo_guid is {6ECD6877-791E-4F38-9945-EFAF733C3475} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[7]->gpo_guid is {CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[8]->gpo_guid is {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[9]->gpo_guid is {29274130-3B70-4A97-AB38-25EA9D8D0F67} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[10]->gpo_guid is {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[11]->gpo_guid is {3452D745-B138-4799-A555-1EBFB3654704} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[12]->gpo_guid is {B42D8E08-C289-436C-8E31-BD3DD2A415DC} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): dacl_filtered_gpos[13]->gpo_guid is {355444B3-99ED-4D77-B9EC-BAF3EAA17AA7} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): cse_filtered_gpos[0]->gpo_guid is {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): cse_filtered_gpos[1]->gpo_guid is {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): cse_filtered_gpos[2]->gpo_guid is {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): cse_filtered_gpos[3]->gpo_guid is {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done] (0x0400): num_cse_filtered_gpos: 4 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_delete_gpo_result_object] (0x0400): Deleting GPO Result object (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse filtered_gpos[0]->gpo_guid is {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_server: smb://sfpdc.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_share: /SysVol (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_path: /SMALLBUSINESS.LAN/Policies/{7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): gpo_guid: {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): retrieving GPO from cache [{7D28B004-B249-49B0-A8CE-BA2A0B9F56EA}] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): send_to_child: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cached_gpt_version: 655593 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400): sysvol_gpt_version: 655593 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400): gpo_guid: {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse filtered_gpos[1]->gpo_guid is {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_server: smb://sfpdc.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_share: /SysVol (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_path: /SMALLBUSINESS.LAN/Policies/{BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): gpo_guid: {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): retrieving GPO from cache [{BA4389F2-AD33-4678-BF30-44D81E900008}] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): send_to_child: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cached_gpt_version: 10 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0020): waitpid did not found a child with changed status. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4722] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400): sysvol_gpt_version: 10 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400): gpo_guid: {BA4389F2-AD33-4678-BF30-44D81E900008} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_store_policy_settings] (0x0020): [/var/lib/sss/gpo_cache/SMALLBUSINESS.LAN/Policies/{BA4389F2-AD33-4678-BF30-44D81E900008}/Machine/Microsoft/Windows NT/SecEdit/GptTmpl.inf]: ini_config_parse failed [5][Input/output error] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_store_policy_settings] (0x0020): Error (5) on line 7: Equal sign is missing. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_store_policy_settings] (0x0020): Error (5) on line 8: Equal sign is missing. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse filtered_gpos[2]->gpo_guid is {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_server: smb://sfpdc.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_share: /SysVol (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_path: /SMALLBUSINESS.LAN/Policies/{57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): gpo_guid: {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): retrieving GPO from cache [{57EF63D0-BF6F-4079-BD9B-9D896BB9A495}] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): send_to_child: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cached_gpt_version: 8 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0020): waitpid did not found a child with changed status. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4724] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400): sysvol_gpt_version: 8 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400): gpo_guid: {57EF63D0-BF6F-4079-BD9B-9D896BB9A495} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_store_gpo_result_setting] (0x0400): Storing setting: key [SeDenyInteractiveLogonRight] value [*S-1-5-21-3845744863-2409227386-3211111987-3806] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_store_gpo_result_setting] (0x0400): Updating setting: key [SeDenyRemoteInteractiveLogonRight] value [*S-1-5-21-3845744863-2409227386-3211111987-3806] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse filtered_gpos[3]->gpo_guid is {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_server: smb://sfpdc.smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_share: /SysVol (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): smb_path: /SMALLBUSINESS.LAN/Policies/{D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): gpo_guid: {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): retrieving GPO from cache [{D6B5C6DF-114E-49FC-976E-5B8893FA1E27}] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): send_to_child: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cached_gpt_version: 262220 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0020): waitpid did not found a child with changed status. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4726] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400): All data has been sent! (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF received, client finished (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400): sysvol_gpt_version: 262220 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400): gpo_guid: {D6B5C6DF-114E-49FC-976E-5B8893FA1E27} (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_get_gpo_result_setting] (0x0400): key [SeInteractiveLogonRight] value [(null)] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [parse_policy_setting_value] (0x0400): No value for key [SeInteractiveLogonRight] found in gpo result (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_gpo_get_gpo_result_setting] (0x0400): key [SeDenyInteractiveLogonRight] value [*S-1-5-21-3845744863-2409227386-3211111987-3806] (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): RESULTANT POLICY: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): gpo_map_type: Interactive (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): allowed_size = 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): denied_size = 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): denied_sids[0] = S-1-5-21-3845744863-2409227386-3211111987-3806 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): CURRENT USER: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): user_sid = S-1-5-21-3845744863-2409227386-3211111987-5638 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[0] = S-1-5-21-3845744863-2409227386-3211111987-5652 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[1] = S-1-5-21-3845744863-2409227386-3211111987-5656 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[2] = S-1-5-21-3845744863-2409227386-3211111987-3798 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[3] = S-1-5-21-3845744863-2409227386-3211111987-5655 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[4] = S-1-5-21-3845744863-2409227386-3211111987-5659 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[5] = S-1-5-21-3845744863-2409227386-3211111987-5653 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[6] = S-1-5-21-3845744863-2409227386-3211111987-5660 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[7] = S-1-5-21-3845744863-2409227386-3211111987-5663 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[8] = S-1-5-21-3845744863-2409227386-3211111987-5732 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[9] = S-1-5-21-3845744863-2409227386-3211111987-3722 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[10] = S-1-5-21-3845744863-2409227386-3211111987-5709 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[11] = S-1-5-21-3845744863-2409227386-3211111987-512 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[12] = S-1-5-21-3845744863-2409227386-3211111987-3823 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[13] = S-1-5-21-3845744863-2409227386-3211111987-5654 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[14] = S-1-5-21-3845744863-2409227386-3211111987-513 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[15] = S-1-5-21-3845744863-2409227386-3211111987-3665 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[16] = S-1-5-21-3845744863-2409227386-3211111987-3737 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[17] = S-1-5-21-3845744863-2409227386-3211111987-3754 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[18] = S-1-5-21-3845744863-2409227386-3211111987-5665 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[19] = S-1-5-21-3845744863-2409227386-3211111987-3715 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[20] = S-1-5-21-3845744863-2409227386-3211111987-5661 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[21] = S-1-5-21-3845744863-2409227386-3211111987-3812 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[22] = S-1-5-21-3845744863-2409227386-3211111987-572 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[23] = S-1-5-21-3845744863-2409227386-3211111987-3610 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[24] = S-1-5-21-3845744863-2409227386-3211111987-1182 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[25] = S-1-5-21-3845744863-2409227386-3211111987-1627 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[26] = S-1-5-21-3845744863-2409227386-3211111987-1630 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[27] = S-1-5-21-3845744863-2409227386-3211111987-1767 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[28] = S-1-5-21-3845744863-2409227386-3211111987-1628 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[29] = S-1-5-21-3845744863-2409227386-3211111987-2354 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[30] = S-1-5-21-3845744863-2409227386-3211111987-1625 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[31] = S-1-5-21-3845744863-2409227386-3211111987-1766 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[32] = S-1-5-21-3845744863-2409227386-3211111987-1768 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[33] = S-1-5-21-3845744863-2409227386-3211111987-3667 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[34] = S-1-5-21-3845744863-2409227386-3211111987-3759 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): group_sids[35] = S-1-5-11 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): POLICY DECISION: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): access_granted = 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): access_denied = 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_done] (0x0400): GPO-based access control successful. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP Request [PAM Account #3]: Request handler finished [0]: Success (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP Request [PAM Account #3]: Receiving request data. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP Request [PAM Account #3]: Request removed. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): Number of active DP request: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400): Target selinux is not configured (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100): child [4728] finished successfully. (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got request with the following data (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): command: SSS_PAM_SETCRED (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): domain: SMALLBUSINESS.LAN (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user: sweston@smallbusiness.lan (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): service: gdm-password (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty: /dev/tty2 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost: (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): authtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): newauthtok type: 0 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv: 1 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): cli_pid: 4714 (Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon name: not set
My config: [sssd] config_file_version = 2 reconnection_retries = 3 services = nss,pam domains = SMALLBUSINESS.LAN offline_timeout = 10 debug_level = 6 [nss] debug_level = 6 [pam] debug_level = 6 [domain/SMALLBUSINESS.LAN] debug_level = 6 access_provider = ad ad_domain = SMALLBUSINESS.LAN ad_gpo_access_control = permissive cache_credentials = True default_shell = /bin/bash fallback_homedir = /home/%u id_provider = ad krb5_store_password_if_offline = True ldap_id_mapping = True realmd_tags = manages-system joined-with-samba
The offline_timeout line is a recent addition which doesn't seem to have helped. I guess my question is why I have to restart SSSD for it "realise" that it's back online. Ideally I would like it to get a kerberos ticket as soon as it comes online which I guess it should do with the krb5_store_password_if_offline option set?
Thanks for all your help Sam _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org
On (09/10/17 12:35), Joakim Tjernlund wrote:
On Wed, 2017-09-27 at 15:30 +0000, Sam Weston wrote:
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi again,
The issue with password caching seems to have been solved. However with my 1.15.2 deployment still has one problem which is not present with 1.13. If you log in to a machine when it is offline, you have to reboot the machine or restart the sssd service for any Kerberos tickets to be obtained from the KDC when the machine comes back online.
This sounds similar to my problem and that one was fixed in 1.15.3, I cannot remember the ticket nr now :(
https://pagure.io/SSSD/sssd/issue/3406 :-)
LS
sssd-users@lists.fedorahosted.org