<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Am 12.06.2013 12:03, schrieb Sumit
Bose:<br>
</div>
<blockquote cite="mid:20130612100328.GP6550@localhost.localdomain"
type="cite">
<pre wrap="">On Wed, Jun 12, 2013 at 11:42:23AM +0200, Leah Zimmermann wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Dear List Members,
I have a FreeIPA-Domain on a CentOS 6.4 machine. It is in a trusted
relationship to an AD-Domain.
The users of the AD-Domain can login via ssh- or console-login. Then
they can start the gnome desktop manually. But if they login via gdm
they logged out immediatly.
</pre>
</blockquote>
<pre wrap="">
Which name style are you using 'AD_NETBIOS\username' or
'username@AD_DOMAIN' ? If you only tried one can you try the other?</pre>
</blockquote>
until now I tried only 'username@AD_DOMAIN', but
'AD_NETBIOS\username' does not work as well.<br>
<blockquote cite="mid:20130612100328.GP6550@localhost.localdomain"
type="cite">
<pre wrap="">
If this does not help, please send the relevant section of
/var/Log/secure and the sssd logs with a high debug level.
</pre>
</blockquote>
As far as I can see, both styles causing the same results.<br>
<br>
<font face="Courier New, Courier, monospace">Jun 12 13:27:56
ipa_hostname pam: gdm-password: pam_unix(gdm-password:auth):
authentication failure; logname= uid=0 euid=0 tty=:0 ruser=
rhost= user=leah@AD_DOMAIN<br>
Jun 12 13:27:57 ipa_hostname pam: gdm-password:
pam_sss(gdm-password:auth): authentication success; logname= uid=0
euid=0 tty=:0 ruser= rhost= user=leah@AD_DOMAIN<br>
Jun 12 13:27:57 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:session): session opened for user
leah@AD_DOMAIN by (uid=0)<br>
Jun 12 13:27:57 ipa_hostname polkitd(authority=local):
Unregistered Authentication Agent for session
/org/freedesktop/ConsoleKit/Session25 (system bus name :1.265,
object path /org/gnome/PolicyKit1/AuthenticationAgent, locale
de_DE.UTF-8) (disconnected from bus)<br>
Jun 12 13:27:58 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:session): session closed for user
leah@AD_DOMAIN<br>
Jun 12 13:27:59 ipa_hostname polkitd(authority=local): Registered
Authentication Agent for session
/org/freedesktop/ConsoleKit/Session27 (system bus name :1.275
[/usr/libexec/polkit-gnome-authentication-agent-1], object path
/org/gnome/PolicyKit1/AuthenticationAgent, locale de_DE.UTF-8)<br>
<br>
<br>
Jun 12 13:32:56 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:auth): authentication failure; logname=
uid=0 euid=0 tty=:0 ruser= rhost= user=AD_NETBIOS\leah<br>
Jun 12 13:32:58 ipa_hostname pam: gdm-password:
pam_sss(gdm-password:auth): authentication success; logname= uid=0
euid=0 tty=:0 ruser= rhost= user=AD_NETBIOS\leah<br>
Jun 12 13:32:58 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:session): session opened for user
AD_NETBIOS\leah by (uid=0)<br>
Jun 12 13:32:58 ipa_hostname polkitd(authority=local):
Unregistered Authentication Agent for session
/org/freedesktop/ConsoleKit/Session27 (system bus name :1.275,
object path /org/gnome/PolicyKit1/AuthenticationAgent, locale
de_DE.UTF-8) (disconnected from bus)<br>
Jun 12 13:32:58 ipa_hostname pam: gdm-password:
pam_unix(gdm-password:session): session closed for user
AD_NETBIOS\leah<br>
Jun 12 13:32:59 ipa_hostname polkitd(authority=local): Registered
Authentication Agent for session
/org/freedesktop/ConsoleKit/Session29 (system bus name :1.285
[/usr/libexec/polkit-gnome-authentication-agent-1], object path
/org/gnome/PolicyKit1/AuthenticationAgent, locale de_DE.UTF-8)<br>
</font><br>
May be the <font face="Courier New, Courier, monospace">Unregistered
Authentication Agent </font>is the problem. But what I have
missed to do?<br>
<br>
Thanks <br>
<br>
Leah<br>
</body>
</html>