FYI: Workaround is adding
---------------
ad_enable_gc = False
---------------
to sssd.conf.
Thank you for finding this. I guess the reason is that the shell and
home-directory attributes are not replicated to the global catalog (GC).
I opened
to track this.
As a workaround you might want to keep 'ad_enable_gc = False' in your
sssd.conf or replicate the related attributes to the GC.
bye,
Sumit
On 10/23/2014 11:54 AM, Joschi Brauchle wrote:
>I did some further investigation. Here is the sequence of commands that
>show the problem:
>---------------
>st-test:/ # getent passwd ne96soh
>ne96soh:*:3036404:3000000:Joschi Brauchle:/home/ne96soh:/bin/bash
>---------------
>st-test:/ # id ne96soh
>uid=3036404(ne96soh) gid=3000000(tu00000gv-0defprim)
>groups=3000000(tu00000gv-0defprim),3404101(tu00000gv-0maallenog),3441052(tueifeigv-0feidrshar),3372549(tueifeigv-0nasadming),3398968(tueifeigv-0mitarbei),3394214(tueilntgv-0sysadmin),3319720(tu00000gv-0maalle),3393702(tueilntgv-0staff),3394681(tueilntgv-0all)
>
>---------------
>st-test:/ # getent passwd ne96soh
>ne96soh:*:3036404:3000000:ne96soh:/:
>---------------
>
>
>This is the diff of my user record in the SSSD cache_default.ldb
>database before and after the 'id' command:
>--- ne96soh.ok.log 2014-10-23 11:43:09.433558359 +0200
>+++ ne96soh.broken.log 2014-10-23 11:43:27.112797876 +0200
>@@ -1,14 +1,15 @@
>-gecos: Joschi Brauchle
>+gecos: ne96soh
>-homeDirectory: /home/ne96soh
>-loginShell: /bin/bash
>-adAccountExpires: 9223372036854775807
>+memberof: <my group1>
>+memberof: <my group2>
>...
>
>Clearly the diff shows that important information is *missing* from my
>user record after the 'id' command.
>
>Thus, I cannot log into my machine!
>
>Is this a known problem with SSSD 1.12.1?
>
>Best regards,
>Joschi Brauchle
>
>On 10/21/2014 07:22 PM, Joschi Brauchle wrote:
>>Hello,
>>
>>I have this strange effect:
>>
>>tueilnt-st-test2:/ # sss_cache -U
>>tueilnt-st-test2:/ # finger ne96soh
>>Login: ne96soh Name: Joschi Brauchle
>>Directory: /nas/ei/home/ne96soh Shell: /bin/bash
>>On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01,
>> from mo-brauchle.lnt.ei.tum.de
>>Last login Tue Oct 21 19:15 (CEST) on :0 from console
>>No Mail.
>>No Plan.
>>
>>tueilnt-st-test2:/ # id ne96soh
>>uid=3036404(ne96soh) gid=3000000(tu00000gv-0defprim)
>>groups=3000000(tu00000gv-0defprim),3404101(tu00000gv-0maallenog),3441052(tueifeigv-0feidrshar),3372549(tueifeigv-0nasadming),3398968(tueifeigv-0mitarbei),3394214(tueilntgv-0sysadmin),3319720(tu00000gv-0maalle),3393702(tueilntgv-0staff),3394681(tueilntgv-0all)
>>
>>
>>
>>tueilnt-st-test2:/ # finger ne96soh
>>Login: ne96soh Name: ne96soh
>>Directory: /nas/ei/home/ne96soh Shell: /bin/sh
>>On since Tue Oct 21 19:15 (CEST) on pts/1, idle 0:01,
>> from mo-brauchle.lnt.ei.tum.de
>>Last login Tue Oct 21 19:15 (CEST) on :0 from console
>>No Mail.
>>No Plan.
>>
>>Also, X login is not possible with the message "user account is
>>disabled". I think this could possibly be related to the shell that X
>>inquires for user ne96soh.
>>
>>Any suggestions?
>>
>>Best regards,
>>Joschi Brauchle
>>
>>
>>
>>_______________________________________________
>>sssd-users mailing list
>>sssd-users(a)lists.fedorahosted.org
>>https://lists.fedorahosted.org/mailman/listinfo/sssd-users
>
>
>
>_______________________________________________
>sssd-users mailing list
>sssd-users(a)lists.fedorahosted.org
>https://lists.fedorahosted.org/mailman/listinfo/sssd-users
>
--
Dipl.-Ing. Joschi Brauchle, M.S.
Institute for Communications Engineering (LNT)
Technische Universitaet Muenchen (TUM)
80290 Munich, Germany
Tel (work): +49 89 289-23474
Fax (work): +49 89 289-23490
E-mail: joschi.brauchle(a)tum.de
Web:
http://www.lnt.ei.tum.de/
_______________________________________________
sssd-users mailing list
sssd-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users