On Tue, Feb 28, 2017 at 09:23:47PM +0100, Jakub Hrozek wrote:
On Tue, Feb 28, 2017 at 01:05:19PM -0600, Brenden Morgenthaler
> We have multiple linux servers configured with SSSD/realmd for authentication to
Active Directory. The systems are configured without winbind so using Kerberos to
authenticate to the domain. Once SMBv1 was disabled on the domain controller none of the
machines could authenticate users. Any idea on why this would happen when we should be
configured for kerberos authentication?
No idea, the authentication uses, as you said, Kerberos. Did you already
look into SSSD debug logs?
It might be related to reading the GPO files for access control, please
check the system logs which PAM step (auth, acct) failed. As Jakub said
SSSD debug logs will have more details as well, please see
> sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
> To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org