New subject: Kerberos Tickets not obtained until restart of SSSD

Wednesday, 27 September 2017

Hi again,

The issue with password caching seems to have been solved. However with my 1.15.2
deployment still has one problem which is not present with 1.13. If you log in to a
machine when it is offline, you have to reboot the machine or restart the sssd service for
any Kerberos tickets to be obtained from the KDC when the machine comes back online.

If I originally login when the machine is offline, I get this ticket:
sweston@sflt28:~$ klist
Ticket cache: FILE:/tmp/krb5cc_1117605638_HtMNOv
Default principal: sweston(a)SMALLBUSINESS.LAN

Valid starting     Expires            Service principal
01/01/70 01:00:00  01/01/70 01:00:00  krbtgt/SMALLBUSINESS.LAN(a)SMALLBUSINESS.LAN

If I log out and login again with the network cable plugged in, I still only have the
above ticket. The logs look like this:
Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_get_account_info_handler]
(0x0200): Got request for [0x3][BE_REQ_INITGROUPS][name=sweston(a)smallbusiness.lan]
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP
Request [Initgroups #329]: New request. Flags [0x0001].
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number
of active DP request: 1
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP
Request [Initgroups #329]: Receiving request data.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_reply_gen_error]
(0x0080): DP Request [Initgroups #329]: Finished. Backend is currently offline.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_table_value_destructor]
(0x0400): Removing [0:1:0x0001:3::SMALLBUSINESS.LAN:name=sweston@smallbusiness.lan] from
reply table
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP
Request [Initgroups #329]: Request removed.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400):
Number of active DP request: 0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got
request with the following data
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
command: SSS_PAM_AUTHENTICATE
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
domain: SMALLBUSINESS.LAN
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user:
sweston(a)smallbusiness.lan
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
service: sudo
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty:
/dev/pts/0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser:
sweston
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost:

(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
authtok type: 1
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
newauthtok type: 0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv:
0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
cli_pid: 3849
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon
name: not set
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP
Request [PAM Authenticate #330]: New request. Flags [0000].
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number
of active DP request: 1
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [krb5_auth_send] (0x0100): Home
directory for user [sweston(a)smallbusiness.lan] not known.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send]
(0x0100): Trying to resolve service 'AD'
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [get_port_status] (0x0080): SSSD
is unable to complete the full connection request, this internal status does not
necessarily indicate network port issues.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send]
(0x0020): No available servers for service 'AD'
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_enable] (0x0080): Task
[Check if online (periodic)]: already enabled
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_run_offline_cb] (0x0080):
Going offline. Running callbacks.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400):
All data has been sent!
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF
received, client finished
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200):
Entry [name=sweston(a)smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set
[ts_cache] attrs.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_cache_auth] (0x0100):
Hashes do match!
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP
Request [PAM Authenticate #330]: Request handler finished [0]: Success
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP
Request [PAM Authenticate #330]: Receiving request data.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP
Request [PAM Authenticate #330]: Request removed.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400):
Number of active DP request: 0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400):
Target selinux is not configured
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100):
child [3857] finished successfully.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400):
Back end is offline
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task
[Subdomains Refresh]: disabling task
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got
request with the following data
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
command: SSS_PAM_ACCT_MGMT
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
domain: SMALLBUSINESS.LAN
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user:
sweston(a)smallbusiness.lan
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
service: sudo
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty:
/dev/pts/0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser:
sweston
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost:

(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
authtok type: 0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
newauthtok type: 0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv:
0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
cli_pid: 3849
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon
name: not set
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP
Request [PAM Account #331]: New request. Flags [0000].
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number
of active DP request: 1
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_access_send] (0x0400):
Performing access check for user [sweston(a)smallbusiness.lan]
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_account_expired_ad]
(0x0400): Performing AD access check for user [sweston(a)smallbusiness.lan]
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_send] (0x0400):
service sudo maps to Permitted
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_done] (0x0400):
GPO-based access control successful.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP
Request [PAM Account #331]: Request handler finished [0]: Success
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP
Request [PAM Account #331]: Receiving request data.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP
Request [PAM Account #331]: Request removed.
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400):
Number of active DP request: 0
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400):
Target selinux is not configured
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400):
Back end is offline
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task
[SUDO Smart Refresh]: disabling task
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400):
Back end is offline
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task
[SUDO Full Refresh]: disabling task
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [remove_krb5_info_files]
(0x0200): Could not remove [/var/lib/sss/pubconf/kdcinfo.SMALLBUSINESS.LAN], [2][No such
file or directory]
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [remove_krb5_info_files]
(0x0200): Could not remove [/var/lib/sss/pubconf/kpasswdinfo.SMALLBUSINESS.LAN], [2][No
such file or directory]
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_offline_cb] (0x0400):
Back end is offline
(Tue Sep 12 17:17:08 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_ptask_disable] (0x0400): Task
[AD machine account password renewal]: disabling task

If I restart the sssd service and then lock the screen and login again everything works
correctly. I get the ticket that I want:
Ticket cache: FILE:/tmp/krb5cc_1117605638_HtMNOv
Default principal: sweston(a)SMALLBUSINESS.LAN

Valid starting     Expires            Service principal
12/09/17 17:21:24  13/09/17 03:21:24  krbtgt/SMALLBUSINESS.LAN(a)SMALLBUSINESS.LAN
	renew until 13/09/17 17:21:24

Logs:
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_get_account_info_handler]
(0x0200): Got request for [0x3][BE_REQ_INITGROUPS][name=sweston(a)smallbusiness.lan]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP
Request [Initgroups #1]: New request. Flags [0x0001].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number
of active DP request: 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send]
(0x0100): Trying to resolve service 'AD_GC'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolve_srv_send] (0x0200): The
status of SRV lookup is neutral
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_send] (0x0400):
About to find domain controllers
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_dc_servers_send]
(0x0400): Looking up domain controllers in domain SMALLBUSINESS.LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_discover_srv_next_domain]
(0x0400): SRV resolution of service 'ldap'. Will use DNS discovery domain
'SMALLBUSINESS.LAN'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_getsrv_send] (0x0100):
Trying to resolve SRV record of '_ldap._tcp.SMALLBUSINESS.LAN'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor]
(0x0400): Deleting request watch
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400):
Got answer. Processing...
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400):
Got 2 servers
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_dc_servers_done]
(0x0400): Found 2 domain controllers in domain SMALLBUSINESS.LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_dcs_done]
(0x0400): About to locate suitable site
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_connect_host_send]
(0x0400): Resolving host sfbackup02.smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send]
(0x0100): Trying to resolve A record of 'sfbackup02.smallbusiness.lan' in files
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send]
(0x0100): Trying to resolve AAAA record of 'sfbackup02.smallbusiness.lan' in
files
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_next]
(0x0200): No more address families to retry
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_dns_query]
(0x0100): Trying to resolve A record of 'sfbackup02.smallbusiness.lan' in DNS
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor]
(0x0400): Deleting request watch
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_connect_host_resolv_done]
(0x0400): Connecting to ldap://sfbackup02.smallbusiness.lan:389
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sssd_async_socket_init_send]
(0x0400): Setting 6 seconds timeout for connecting
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_connect_host_done]
(0x0400): Successful connection to ldap://sfbackup02.smallbusiness.lan:389
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(&(DnsDomain=SMALLBUSINESS.LAN)(NtVer=\14\00\00\00))][].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_client_site_done]
(0x0400): Found site: Default-First-Site-Name
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_get_client_site_done]
(0x0400): Found forest: SMALLBUSINESS.LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_site_done]
(0x0400): About to discover primary and backup servers
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_servers_send]
(0x0400): Looking up primary servers
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_discover_srv_next_domain]
(0x0400): SRV resolution of service 'gc'. Will use DNS discovery domain
'Default-First-Site-Name._sites.SMALLBUSINESS.LAN'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_getsrv_send] (0x0100):
Trying to resolve SRV record of
'_gc._tcp.Default-First-Site-Name._sites.SMALLBUSINESS.LAN'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor]
(0x0400): Deleting request watch
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400):
Got answer. Processing...
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400):
Got 2 servers
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[fo_discover_servers_primary_done] (0x0400): Looking up backup servers
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_discover_srv_next_domain]
(0x0400): SRV resolution of service 'gc'. Will use DNS discovery domain
'SMALLBUSINESS.LAN'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_getsrv_send] (0x0100):
Trying to resolve SRV record of '_gc._tcp.SMALLBUSINESS.LAN'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor]
(0x0400): Deleting request watch
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400):
Got answer. Processing...
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_discover_srv_done] (0x0400):
Got 2 servers
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_srv_plugin_servers_done]
(0x0400): Got 2 primary and 2 backup servers
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400):
Inserted primary server 'sfpdc.smallbusiness.lan:3268' to service 'AD_GC'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400):
Inserted primary server 'sfbackup02.smallbusiness.lan:3268' to service
'AD_GC'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400):
Server 'sfbackup02.smallbusiness.lan:3268' for service 'AD_GC' is already
present
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_add_server_to_list] (0x0400):
Server 'sfpdc.smallbusiness.lan:3268' for service 'AD_GC' is already
present
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_srv_data_status] (0x0100):
Marking SRV lookup of service 'AD_GC' as 'resolved'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send]
(0x0100): Trying to resolve A record of 'sfpdc.smallbusiness.lan' in files
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status]
(0x0100): Marking server 'sfpdc.smallbusiness.lan' as 'resolving name'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_files_send]
(0x0100): Trying to resolve AAAA record of 'sfpdc.smallbusiness.lan' in files
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_next]
(0x0200): No more address families to retry
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolv_gethostbyname_dns_query]
(0x0100): Trying to resolve A record of 'sfpdc.smallbusiness.lan' in DNS
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [request_watch_destructor]
(0x0400): Deleting request watch
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status]
(0x0100): Marking server 'sfpdc.smallbusiness.lan' as 'name resolved'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_resolve_server_process]
(0x0200): Found address for server sfpdc.smallbusiness.lan: [192.168.1.7] TTL 3600
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_resolve_callback] (0x0100):
Constructed uri 'ldap://sfpdc.smallbusiness.lan'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_resolve_callback] (0x0100):
Constructed GC uri 'ldap://sfpdc.smallbusiness.lan:3268'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sssd_async_socket_init_send]
(0x0400): Setting 6 seconds timeout for connecting
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with [(objectclass=*)][].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sdap_get_server_opts_from_rootdse] (0x0100): Setting AD compatibility level to [4]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_kinit_send] (0x0400):
Attempting kinit (default, SFLT28$, SMALLBUSINESS.LAN, 86400)
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send]
(0x0100): Trying to resolve service 'AD'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolve_srv_send] (0x0200): The
status of SRV lookup is resolved
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_resolve_server_process]
(0x0200): Found address for server sfbackup02.smallbusiness.lan: [192.168.1.3] TTL 3600
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [create_tgt_req_send_buffer]
(0x0400): buffer size: 48
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_tgt_child_timeout] (0x0400):
Setting 6 seconds timeout for tgt child
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400):
All data has been sent!
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100):
child [4718] finished successfully.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF
received, client finished
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_tgt_recv] (0x0400):
Child responded: 0 [FILE:/var/lib/sss/db/ccache_SMALLBUSINESS.LAN], expired on
[1505269284]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_cli_auth_step] (0x0100):
expire timeout is 900
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sasl_bind_send] (0x0100):
Executing sasl bind mech: gssapi, user: SFLT28$
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_cli_connect_recv] (0x0400):
Connection established.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0100):
Marking port 3268 of server 'sfpdc.smallbusiness.lan' as 'working'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status]
(0x0100): Marking server 'sfpdc.smallbusiness.lan' as 'working'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0400):
Marking port 3268 of duplicate server 'sfpdc.smallbusiness.lan' as
'working'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_initgr_next_base]
(0x0400): Searching for users with base [DC=SMALLBUSINESS,DC=LAN]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(&(sAMAccountName=sweston)(objectclass=user)(objectSID=*))][DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Save
user
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_primary_name] (0x0400):
Processing object sweston
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400):
Processing user sweston(a)smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Adding
original memberOf attributes to [sweston(a)smallbusiness.lan].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400): Adding
user principal [sweston(a)SMALLBUSINESS.LAN] to attributes of [sweston(a)smallbusiness.lan].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_save_user] (0x0400):
Storing info for user sweston(a)smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200):
Entry [name=sweston(a)smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set
[ts_cache] attrs.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with [no filter][CN=Sam
Weston,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix]
(0x0400): Object SID [S-1-5-32-550] is a built-in one.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix]
(0x0400): Object SID [S-1-5-32-545] is a built-in one.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix]
(0x0400): Object SID [S-1-5-32-544] is a built-in one.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix]
(0x0400): Object SID [S-1-5-32-549] is a built-in one.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_idmap_sid_to_unix]
(0x0400): Object SID [S-1-5-32-574] is a built-in one.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sdap_ad_save_group_membership_with_idmapping] (0x0400): Skipping built-in object.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_initgr_done] (0x0400):
Primary group already cached, nothing to do.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200):
Entry [name=sweston(a)smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set
[ts_cache] attrs.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP
Request [Initgroups #1]: Request handler finished [0]: Success
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP
Request [Initgroups #1]: Receiving request data.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_initgr_pp] (0x0400):
Ordering NSS responder to update memory cache
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_reply_list_success]
(0x0400): DP Request [Initgroups #1]: Finished. Success.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_table_value_destructor]
(0x0400): Removing [0:1:0x0001:3::SMALLBUSINESS.LAN:name=sweston@smallbusiness.lan] from
reply table
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP
Request [Initgroups #1]: Request removed.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400):
Number of active DP request: 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got
request with the following data
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
command: SSS_PAM_AUTHENTICATE
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
domain: SMALLBUSINESS.LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user:
sweston(a)smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
service: gdm-password
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty:
/dev/tty2
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser:

(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost:

(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
authtok type: 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
newauthtok type: 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv:
1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
cli_pid: 4714
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon
name: not set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP
Request [PAM Authenticate #2]: New request. Flags [0000].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number
of active DP request: 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [krb5_auth_send] (0x0100): Home
directory for user [sweston(a)smallbusiness.lan] not known.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_resolve_service_send]
(0x0100): Trying to resolve service 'AD'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [resolve_srv_send] (0x0200): The
status of SRV lookup is resolved
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [be_resolve_server_process]
(0x0200): Found address for server sfbackup02.smallbusiness.lan: [192.168.1.3] TTL 3600
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400):
All data has been sent!
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF
received, client finished
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0100):
Marking port 389 of server 'sfbackup02.smallbusiness.lan' as 'working'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [set_server_common_status]
(0x0100): Marking server 'sfbackup02.smallbusiness.lan' as 'working'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [fo_set_port_status] (0x0400):
Marking port 389 of duplicate server 'sfbackup02.smallbusiness.lan' as
'working'
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200):
Entry [name=sweston(a)smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set
[ts_cache] attrs.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sysdb_set_entry_attr] (0x0200):
Entry [name=sweston(a)smallbusiness.lan,cn=users,cn=SMALLBUSINESS.LAN,cn=sysdb] has set
[cache, ts_cache] attrs.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP
Request [PAM Authenticate #2]: Request handler finished [0]: Success
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP
Request [PAM Authenticate #2]: Receiving request data.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP
Request [PAM Authenticate #2]: Request removed.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400):
Number of active DP request: 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400):
Target selinux is not configured
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100):
child [4719] finished successfully.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got
request with the following data
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
command: SSS_PAM_ACCT_MGMT
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
domain: SMALLBUSINESS.LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user:
sweston(a)smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
service: gdm-password
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty:
/dev/tty2
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser:

(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost:

(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
authtok type: 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
newauthtok type: 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv:
1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
cli_pid: 4714
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon
name: not set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): DP
Request [PAM Account #3]: New request. Flags [0000].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_attach_req] (0x0400): Number
of active DP request: 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_access_send] (0x0400):
Performing access check for user [sweston(a)smallbusiness.lan]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_account_expired_ad]
(0x0400): Performing AD access check for user [sweston(a)smallbusiness.lan]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_send] (0x0400):
service gdm-password maps to Interactive
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_connect_done] (0x0400):
sam_account_name is SFLT28$
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(&(objectclass=user)(sAMAccountName=SFLT28$))][dc=smallbusiness,dc=lan].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with [objectclass=domain][DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_next_done]
(0x0400): Found SID [S-1-5-21-3845744863-2409227386-3211111987].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(&(DnsDomain=SMALLBUSINESS.LAN)(NtVer=\14\00\00\00))][].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_netlogon_done]
(0x0400): Found flat name [SMALLBUSINESS].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_netlogon_done]
(0x0400): Found site [Default-First-Site-Name].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_master_domain_netlogon_done]
(0x0400): Found forest [SMALLBUSINESS.LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with [(objectclass=*)][].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done]
(0x0400): som_list[0]->som_dn is
OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done]
(0x0400): som_list[1]->som_dn is OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done]
(0x0400): som_list[2]->som_dn is OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done]
(0x0400): som_list[3]->som_dn is DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_site_dn_retrieval_done]
(0x0400): som_list[4]->som_dn is
cn=Default-First-Site-Name,cn=Sites,CN=Configuration,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list]
(0x0400): som_dn: OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list]
(0x0400): som_dn: OU=Computers,OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list]
(0x0400): som_dn: OU=MyBusiness,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with [(objectclass=*)][DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_gplink_list]
(0x0400): som_dn: DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn=Default-First-Site-Name,cn=Sites,CN=Configuration,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_get_som_attrs_done]
(0x0040): no attrs found for SOM; try next SOM
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[0]->gpo_dn:
CN={7D28B004-B249-49B0-A8CE-BA2A0B9F56EA},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[1]->gpo_dn:
CN={7F8D8A41-8831-4EF1-990F-3AECF333E735},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[2]->gpo_dn:
CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[3]->gpo_dn:
cn={BA4389F2-AD33-4678-BF30-44D81E900008},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[4]->gpo_dn:
cn={5F743845-71B6-4CDF-965F-20360E51C01A},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[5]->gpo_dn:
cn={8FC54817-BD35-4D6F-AB72-E799C66667E8},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[6]->gpo_dn:
cn={CED4E066-9ADF-47A5-8F92-BBDDB522A034},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[7]->gpo_dn:
cn={6ECD6877-791E-4F38-9945-EFAF733C3475},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[8]->gpo_dn:
cn={CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[9]->gpo_dn:
cn={57EF63D0-BF6F-4079-BD9B-9D896BB9A495},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[10]->gpo_dn:
cn={29274130-3B70-4A97-AB38-25EA9D8D0F67},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[11]->gpo_dn:
cn={D6B5C6DF-114E-49FC-976E-5B8893FA1E27},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[12]->gpo_dn:
cn={3452D745-B138-4799-A555-1EBFB3654704},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[13]->gpo_dn:
cn={B42D8E08-C289-436C-8E31-BD3DD2A415DC},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_populate_candidate_gpos]
(0x0400): candidate_gpos[14]->gpo_dn:
cn={355444B3-99ED-4D77-B9EC-BAF3EAA17AA7},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[CN={7D28B004-B249-49B0-A8CE-BA2A0B9F56EA},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][CN={7D28B004-B249-49B0-A8CE-BA2A0B9F56EA},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[CN={7F8D8A41-8831-4EF1-990F-3AECF333E735},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][CN={7F8D8A41-8831-4EF1-990F-3AECF333E735},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={BA4389F2-AD33-4678-BF30-44D81E900008},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={BA4389F2-AD33-4678-BF30-44D81E900008},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={5F743845-71B6-4CDF-965F-20360E51C01A},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={5F743845-71B6-4CDF-965F-20360E51C01A},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={8FC54817-BD35-4D6F-AB72-E799C66667E8},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={8FC54817-BD35-4D6F-AB72-E799C66667E8},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={CED4E066-9ADF-47A5-8F92-BBDDB522A034},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={CED4E066-9ADF-47A5-8F92-BBDDB522A034},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={6ECD6877-791E-4F38-9945-EFAF733C3475},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={6ECD6877-791E-4F38-9945-EFAF733C3475},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={57EF63D0-BF6F-4079-BD9B-9D896BB9A495},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={57EF63D0-BF6F-4079-BD9B-9D896BB9A495},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={29274130-3B70-4A97-AB38-25EA9D8D0F67},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={29274130-3B70-4A97-AB38-25EA9D8D0F67},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={D6B5C6DF-114E-49FC-976E-5B8893FA1E27},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={D6B5C6DF-114E-49FC-976E-5B8893FA1E27},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={3452D745-B138-4799-A555-1EBFB3654704},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={3452D745-B138-4799-A555-1EBFB3654704},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={B42D8E08-C289-436C-8E31-BD3DD2A415DC},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={B42D8E08-C289-436C-8E31-BD3DD2A415DC},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_sd_search_send] (0x0400):
Searching entry
[cn={355444B3-99ED-4D77-B9EC-BAF3EAA17AA7},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN]
using SD
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_send]
(0x0400): WARNING: Disabling paging because scope is set to base.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(objectclass=*)][cn={355444B3-99ED-4D77-B9EC-BAF3EAA17AA7},cn=policies,cn=system,DC=SMALLBUSINESS,DC=LAN].
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [sdap_get_generic_op_finished]
(0x0400): Search result: Success(0), no errmsg set
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[0]->gpo_guid is {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[1]->gpo_guid is {7F8D8A41-8831-4EF1-990F-3AECF333E735}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[2]->gpo_guid is {BA4389F2-AD33-4678-BF30-44D81E900008}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[3]->gpo_guid is {5F743845-71B6-4CDF-965F-20360E51C01A}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[4]->gpo_guid is {8FC54817-BD35-4D6F-AB72-E799C66667E8}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[5]->gpo_guid is {CED4E066-9ADF-47A5-8F92-BBDDB522A034}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[6]->gpo_guid is {6ECD6877-791E-4F38-9945-EFAF733C3475}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[7]->gpo_guid is {CE7CA45B-21CC-4C6C-A9F6-DCED4A0D7C93}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[8]->gpo_guid is {57EF63D0-BF6F-4079-BD9B-9D896BB9A495}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[9]->gpo_guid is {29274130-3B70-4A97-AB38-25EA9D8D0F67}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[10]->gpo_guid is {D6B5C6DF-114E-49FC-976E-5B8893FA1E27}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[11]->gpo_guid is {3452D745-B138-4799-A555-1EBFB3654704}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[12]->gpo_guid is {B42D8E08-C289-436C-8E31-BD3DD2A415DC}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): dacl_filtered_gpos[13]->gpo_guid is {355444B3-99ED-4D77-B9EC-BAF3EAA17AA7}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): cse_filtered_gpos[0]->gpo_guid is {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): cse_filtered_gpos[1]->gpo_guid is {BA4389F2-AD33-4678-BF30-44D81E900008}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): cse_filtered_gpos[2]->gpo_guid is {57EF63D0-BF6F-4079-BD9B-9D896BB9A495}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): cse_filtered_gpos[3]->gpo_guid is {D6B5C6DF-114E-49FC-976E-5B8893FA1E27}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_process_gpo_done]
(0x0400): num_cse_filtered_gpos: 4
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sysdb_gpo_delete_gpo_result_object] (0x0400): Deleting GPO Result object
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse
filtered_gpos[0]->gpo_guid is {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_server: smb://sfpdc.smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_share: /SysVol
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_path: /SMALLBUSINESS.LAN/Policies/{7D28B004-B249-49B0-A8CE-BA2A0B9F56EA}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
gpo_guid: {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
retrieving GPO from cache [{7D28B004-B249-49B0-A8CE-BA2A0B9F56EA}]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
send_to_child: 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
cached_gpt_version: 655593
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400):
All data has been sent!
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF
received, client finished
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400):
sysvol_gpt_version: 655593
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400):
gpo_guid: {7D28B004-B249-49B0-A8CE-BA2A0B9F56EA}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse
filtered_gpos[1]->gpo_guid is {BA4389F2-AD33-4678-BF30-44D81E900008}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_server: smb://sfpdc.smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_share: /SysVol
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_path: /SMALLBUSINESS.LAN/Policies/{BA4389F2-AD33-4678-BF30-44D81E900008}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
gpo_guid: {BA4389F2-AD33-4678-BF30-44D81E900008}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
retrieving GPO from cache [{BA4389F2-AD33-4678-BF30-44D81E900008}]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
send_to_child: 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
cached_gpt_version: 10
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0020):
waitpid did not found a child with changed status.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100):
child [4722] finished successfully.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400):
All data has been sent!
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF
received, client finished
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400):
sysvol_gpt_version: 10
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400):
gpo_guid: {BA4389F2-AD33-4678-BF30-44D81E900008}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_store_policy_settings]
(0x0020):
[/var/lib/sss/gpo_cache/SMALLBUSINESS.LAN/Policies/{BA4389F2-AD33-4678-BF30-44D81E900008}/Machine/Microsoft/Windows
NT/SecEdit/GptTmpl.inf]: ini_config_parse failed [5][Input/output error]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_store_policy_settings]
(0x0020): Error (5) on line 7: Equal sign is missing.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_store_policy_settings]
(0x0020): Error (5) on line 8: Equal sign is missing.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse
filtered_gpos[2]->gpo_guid is {57EF63D0-BF6F-4079-BD9B-9D896BB9A495}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_server: smb://sfpdc.smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_share: /SysVol
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_path: /SMALLBUSINESS.LAN/Policies/{57EF63D0-BF6F-4079-BD9B-9D896BB9A495}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
gpo_guid: {57EF63D0-BF6F-4079-BD9B-9D896BB9A495}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
retrieving GPO from cache [{57EF63D0-BF6F-4079-BD9B-9D896BB9A495}]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
send_to_child: 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
cached_gpt_version: 8
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0020):
waitpid did not found a child with changed status.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100):
child [4724] finished successfully.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400):
All data has been sent!
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF
received, client finished
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400):
sysvol_gpt_version: 8
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400):
gpo_guid: {57EF63D0-BF6F-4079-BD9B-9D896BB9A495}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sysdb_gpo_store_gpo_result_setting] (0x0400): Storing setting: key
[SeDenyInteractiveLogonRight] value [*S-1-5-21-3845744863-2409227386-3211111987-3806]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sysdb_gpo_store_gpo_result_setting] (0x0400): Updating setting: key
[SeDenyRemoteInteractiveLogonRight] value
[*S-1-5-21-3845744863-2409227386-3211111987-3806]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400): cse
filtered_gpos[3]->gpo_guid is {D6B5C6DF-114E-49FC-976E-5B8893FA1E27}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_server: smb://sfpdc.smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_share: /SysVol
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
smb_path: /SMALLBUSINESS.LAN/Policies/{D6B5C6DF-114E-49FC-976E-5B8893FA1E27}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
gpo_guid: {D6B5C6DF-114E-49FC-976E-5B8893FA1E27}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
retrieving GPO from cache [{D6B5C6DF-114E-49FC-976E-5B8893FA1E27}]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
send_to_child: 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_step] (0x0400):
cached_gpt_version: 262220
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0020):
waitpid did not found a child with changed status.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100):
child [4726] finished successfully.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [write_pipe_handler] (0x0400):
All data has been sent!
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [read_pipe_handler] (0x0400): EOF
received, client finished
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [gpo_cse_done] (0x0400):
sysvol_gpt_version: 262220
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_cse_done] (0x0400):
gpo_guid: {D6B5C6DF-114E-49FC-976E-5B8893FA1E27}
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sysdb_gpo_get_gpo_result_setting] (0x0400): key [SeInteractiveLogonRight] value [(null)]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [parse_policy_setting_value]
(0x0400): No value for key [SeInteractiveLogonRight] found in gpo result
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]]
[sysdb_gpo_get_gpo_result_setting] (0x0400): key [SeDenyInteractiveLogonRight] value
[*S-1-5-21-3845744863-2409227386-3211111987-3806]
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):
RESULTANT POLICY:
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):
gpo_map_type: Interactive
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):
allowed_size = 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):
denied_size = 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): 
denied_sids[0] = S-1-5-21-3845744863-2409227386-3211111987-3806
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):
CURRENT USER:
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
     user_sid = S-1-5-21-3845744863-2409227386-3211111987-5638
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[0] = S-1-5-21-3845744863-2409227386-3211111987-5652
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[1] = S-1-5-21-3845744863-2409227386-3211111987-5656
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[2] = S-1-5-21-3845744863-2409227386-3211111987-3798
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[3] = S-1-5-21-3845744863-2409227386-3211111987-5655
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[4] = S-1-5-21-3845744863-2409227386-3211111987-5659
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[5] = S-1-5-21-3845744863-2409227386-3211111987-5653
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[6] = S-1-5-21-3845744863-2409227386-3211111987-5660
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[7] = S-1-5-21-3845744863-2409227386-3211111987-5663
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[8] = S-1-5-21-3845744863-2409227386-3211111987-5732
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[9] = S-1-5-21-3845744863-2409227386-3211111987-3722
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[10] = S-1-5-21-3845744863-2409227386-3211111987-5709
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[11] = S-1-5-21-3845744863-2409227386-3211111987-512
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[12] = S-1-5-21-3845744863-2409227386-3211111987-3823
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[13] = S-1-5-21-3845744863-2409227386-3211111987-5654
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[14] = S-1-5-21-3845744863-2409227386-3211111987-513
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[15] = S-1-5-21-3845744863-2409227386-3211111987-3665
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[16] = S-1-5-21-3845744863-2409227386-3211111987-3737
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[17] = S-1-5-21-3845744863-2409227386-3211111987-3754
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[18] = S-1-5-21-3845744863-2409227386-3211111987-5665
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[19] = S-1-5-21-3845744863-2409227386-3211111987-3715
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[20] = S-1-5-21-3845744863-2409227386-3211111987-5661
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[21] = S-1-5-21-3845744863-2409227386-3211111987-3812
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[22] = S-1-5-21-3845744863-2409227386-3211111987-572
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[23] = S-1-5-21-3845744863-2409227386-3211111987-3610
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[24] = S-1-5-21-3845744863-2409227386-3211111987-1182
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[25] = S-1-5-21-3845744863-2409227386-3211111987-1627
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[26] = S-1-5-21-3845744863-2409227386-3211111987-1630
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[27] = S-1-5-21-3845744863-2409227386-3211111987-1767
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[28] = S-1-5-21-3845744863-2409227386-3211111987-1628
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[29] = S-1-5-21-3845744863-2409227386-3211111987-2354
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[30] = S-1-5-21-3845744863-2409227386-3211111987-1625
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[31] = S-1-5-21-3845744863-2409227386-3211111987-1766
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[32] = S-1-5-21-3845744863-2409227386-3211111987-1768
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[33] = S-1-5-21-3845744863-2409227386-3211111987-3667
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[34] = S-1-5-21-3845744863-2409227386-3211111987-3759
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
group_sids[35] = S-1-5-11
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):
POLICY DECISION:
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400): 
access_granted = 1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_check] (0x0400):  
access_denied = 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [ad_gpo_access_done] (0x0400):
GPO-based access control successful.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_done] (0x0400): DP
Request [PAM Account #3]: Request handler finished [0]: Success
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [_dp_req_recv] (0x0400): DP
Request [PAM Account #3]: Receiving request data.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400): DP
Request [PAM Account #3]: Request removed.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_req_destructor] (0x0400):
Number of active DP request: 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_method_enabled] (0x0400):
Target selinux is not configured
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [child_sig_handler] (0x0100):
child [4728] finished successfully.
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [dp_pam_handler] (0x0100): Got
request with the following data
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
command: SSS_PAM_SETCRED
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
domain: SMALLBUSINESS.LAN
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): user:
sweston(a)smallbusiness.lan
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
service: gdm-password
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): tty:
/dev/tty2
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): ruser:

(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): rhost:

(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
authtok type: 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
newauthtok type: 0
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): priv:
1
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100):
cli_pid: 4714
(Tue Sep 12 17:21:24 2017) [sssd[be[SMALLBUSINESS.LAN]]] [pam_print_data] (0x0100): logon
name: not set

My config:
[sssd]
config_file_version = 2
reconnection_retries = 3
services = nss,pam
domains = SMALLBUSINESS.LAN
offline_timeout = 10
debug_level = 6
[nss]
debug_level = 6
[pam]
debug_level = 6
[domain/SMALLBUSINESS.LAN]
debug_level = 6
access_provider = ad
ad_domain = SMALLBUSINESS.LAN
ad_gpo_access_control = permissive
cache_credentials = True
default_shell = /bin/bash
fallback_homedir = /home/%u
id_provider = ad
krb5_store_password_if_offline = True
ldap_id_mapping = True
realmd_tags = manages-system joined-with-samba

The offline_timeout line is a recent addition which doesn't seem to have helped. I
guess my question is why I have to restart SSSD for it "realise" that it's
back online. Ideally I would like it to get a kerberos ticket as soon as it comes online
which I guess it should do with the krb5_store_password_if_offline option set?

Thanks for all your help
Sam

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Kerberos Tickets not obtained until restart of SSSD