[Freeipa-devel] pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ilt-gif-ipa01.ipa.preprod.local user=aduser at corp.addomain.com
rajat gupta
rajat.linux at gmail.com
Thu Aug 25 09:13:03 UTC 2016
I am getting bellow menage in logs.
when i trying to check the status for sssd service i am getting *Cannot
find KDC for realm "ADDOMAIN.COM <http://ADDOMAIN.COM>" *at the end
#systemctl status sssd
â sssd.service - System Security Services Daemon
Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor
preset: disabled)
Drop-In: /etc/systemd/system/sssd.service.d
ââjournal.conf
Active: active (running) since Thu 2016-08-25 09:36:26 CEST; 8min ago
Main PID: 11031 (sssd)
CGroup: /system.slice/sssd.service
ââ11031 /usr/sbin/sssd -D -f
ââ11032 /usr/libexec/sssd/sssd_be --domain ipa.preprod.local
--uid 0 --gid 0 --debug-to-files
ââ11033 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0
--debug-to-files
ââ11034 /usr/libexec/sssd/sssd_sudo --uid 0 --gid 0
--debug-to-files
ââ11035 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0
--debug-to-files
ââ11036 /usr/libexec/sssd/sssd_ssh --uid 0 --gid 0
--debug-to-files
ââ11037 /usr/libexec/sssd/sssd_pac --uid 0 --gid 0
--debug-to-files
Aug 25 09:36:26 ilt-gif-ipa02.ipa.preprod.local sssd[ssh][11036]: Starting
up
Aug 25 09:36:26 ilt-gif-ipa02.ipa.preprod.local sssd[pac][11037]: Starting
up
Aug 25 09:36:26 ilt-gif-ipa02.ipa.preprod.local sssd_nss[11033]: chown
failed for [sssd_nss]: [2]
Aug 25 09:36:26 ilt-gif-ipa02.ipa.preprod.local sssd[nss][11033]: Starting
up
Aug 25 09:36:26 ilt-gif-ipa02.ipa.preprod.local sssd_be[11032]: GSSAPI
client step 1
Aug 25 09:36:26 ilt-gif-ipa02.ipa.preprod.local sssd_be[11032]: GSSAPI
client step 1
Aug 25 09:36:26 ilt-gif-ipa02.ipa.preprod.local systemd[1]: Started System
Security Services Daemon.
Aug 25 09:36:26 ilt-gif-ipa02.ipa.preprod.local sssd_be[11032]: GSSAPI
client step 1
Aug 25 09:36:27 ilt-gif-ipa02.ipa.preprod.local sssd_be[11032]: GSSAPI
client step 2
Aug 25 09:36:37 ilt-gif-ipa02.ipa.preprod.local
[sssd[krb5_child[11262]]][11262]: *Cannot find KDC for realm "ADDOMAIN.COM
<http://ADDOMAIN.COM>" *
Following are me logs message after enabling the debug_level
*sssd_nss.log*
Thu Aug 25 11:05:08 2016) [sssd[nss]] [server_setup] (0x0400): CONFDB:
/var/lib/sss/db/config.ldb
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [confdb_get_domain_internal]
(0x0400): No enumeration for [ipa.preprod.local]!
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_init_connection] (0x0400):
Adding connection 0x7fa634ad29b0
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.sssd.service with path
/org/freedesktop/sssd/service
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_conn_register_path] (0x0400):
Registering object path /org/freedesktop/sssd/service with D-Bus connection
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Properties with path
/org/freedesktop/sssd/service
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Introspectable with
path /org/freedesktop/sssd/service
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [monitor_common_send_id] (0x0100):
Sending ID: (nss,1)
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_names_init_from_args] (0x0100):
Using re
[(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))].
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_fqnames_init] (0x0100): Using
fq format [%1$s@%2$s].
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_init_connection] (0x0400):
Adding connection 0x7fa634ad1710
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.sssd.dataprovider_rev with
path /org/freedesktop/sssd/dataprovider
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_conn_register_path] (0x0400):
Registering object path /org/freedesktop/sssd/dataprovider with D-Bus
connection
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Properties with path
/org/freedesktop/sssd/dataprovider
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Introspectable with
path /org/freedesktop/sssd/dataprovider
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [dp_common_send_id] (0x0100):
Sending ID to DP: (1,NSS)
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sysdb_domain_init_internal]
(0x0200): DB File for ipa.preprod.local:
/var/lib/sss/db/cache_ipa.preprod.local.ldb
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [ldb] (0x0400): asq: Unable to
register control with rootdse!
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_process_init] (0x0400):
Responder Initialization complete
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_ncache_set_str] (0x0400):
Adding [NCE/USER/ipa.preprod.local/root] to negative cache permanently
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_ncache_set_str] (0x0400):
Adding [NCE/GROUP/ipa.preprod.local/root] to negative cache permanently
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /bin/sh in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /bin/bash in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /sbin/nologin in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /usr/bin/sh in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /usr/bin/bash in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /usr/sbin/nologin in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /bin/ksh in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /bin/tcsh in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /bin/csh in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_get_etc_shells] (0x0400): Found
shell /bin/rksh in /etc/shells
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [responder_set_fd_limit] (0x0100):
Maximum file descriptors set to [8192]
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_names_init_from_args] (0x0100):
Using re
[(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))].
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_fqnames_init] (0x0100): Using
fq format [%1$s@%2$s].
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [nss_process_init] (0x0400): NSS
Initialization complete
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_dp_issue_request] (0x0400):
Issuing request for [0x7fa63456a990:domains at ipa.preprod.local]
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_dp_get_domains_msg] (0x0400):
Sending get domains request for [ipa.preprod.local][]
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [sss_dp_internal_get_send] (0x0400):
Entering request [0x7fa63456a990:domains at ipa.preprod.local]
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [dp_id_callback] (0x0100): Got id
ack and version (1) from DP
(Thu Aug 25 11:05:08 2016) [sssd[nss]] [id_callback] (0x0100): Got id ack
and version (1) from Monitor
(Thu Aug 25 11:05:09 2016) [sssd[nss]] [new_subdomain] (0x0400): Creating [
corp.addomain.com] as subdomain of [ipa.preprod.local]!
(Thu Aug 25 11:05:09 2016) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Thu Aug 25 11:05:09 2016) [sssd[nss]] [sss_ncache_set_str] (0x0400):
Adding [NCE/USER/ipa.preprod.local/root] to negative cache permanently
(Thu Aug 25 11:05:09 2016) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Thu Aug 25 11:05:09 2016) [sssd[nss]] [sss_ncache_set_str] (0x0400):
Adding [NCE/GROUP/ipa.preprod.local/root] to negative cache permanently
(Thu Aug 25 11:05:09 2016) [sssd[nss]] [sss_dp_req_destructor] (0x0400):
Deleting request: [0x7fa63456a990:domains at ipa.preprod.local]
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [accept_fd_handler] (0x0400): Client
connected!
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [sss_cmd_get_version] (0x0200):
Received client version [1].
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [sss_cmd_get_version] (0x0200):
Offered version [1].
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [nss_cmd_getbynam] (0x0400): Running
command [17] with input [aduser at corp.addomain.com].
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [sss_parse_name_for_domains]
(0x0200): name 'aduser at corp.addomain.com' matched expression for domain '
corp.addomain.com', user is aduser
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [nss_cmd_getbynam] (0x0100):
Requesting info for [aduser] from [corp.addomain.com]
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [nss_cmd_getpwnam_search] (0x0100):
Requesting info for [aduser at corp.addomain.com]
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [get_dp_name_and_id] (0x0400): Not a
LOCAL view, continuing with provided values.
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [check_cache] (0x0400): Cached entry
is valid, returning..
(Thu Aug 25 11:05:10 2016) [sssd[nss]] [nss_cmd_getpwnam_search] (0x0400):
Returning info for user [aduser at corp.addomain.com]
(Thu Aug 25 11:05:14 2016) [sssd[nss]] [client_recv] (0x0200): Client
disconnected!
*krb5_child.log*
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13058]]]] [main] (0x0400):
Will perform pre-auth
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13058]]]] [get_and_save_tgt]
(0x0400): Attempting kinit for realm [ADDOMAIN.COM]
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13058]]]] [get_and_save_tgt]
(0x0400): krb5_get_init_creds_password returned [-1765328230} during
pre-auth.
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13058]]]] [k5c_send_data]
(0x0200): Received error code 0
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13058]]]] [main] (0x0400):
krb5_child completed successfully
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [main] (0x0400):
krb5_child started.
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [unpack_buffer]
(0x0100): cmd [241] uid [1007656917] gid [1007656917] validate [true]
enterprise principal [false] offline [false] UPN [Rajat.Gupta at ADDOMAIN.COM]
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [unpack_buffer]
(0x0100): ccname: [KEYRING:persistent:1007656917] old_ccname:
[KEYRING:persistent:1007656917] keytab: [/etc/krb5.keytab]
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [switch_creds]
(0x0200): Switch user to [1007656917][1007656917].
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [switch_creds]
(0x0200): Switch user to [0][0].
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [k5c_setup_fast]
(0x0100): SSSD_KRB5_FAST_PRINCIPAL is set to
[host/ilt-gif-ipa02.ipa.preprod.local at IPA.PREPROD.LOCAL]
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [check_fast_ccache]
(0x0200): FAST TGT is still valid.
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [become_user]
(0x0200): Trying to become user [1007656917][1007656917].
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]]
[set_lifetime_options] (0x0100): Cannot read [SSSD_KRB5_RENEWABLE_LIFETIME]
from environment.
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]]
[set_lifetime_options] (0x0100): Cannot read [SSSD_KRB5_LIFETIME] from
environment.
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]]
[set_canonicalize_option] (0x0100): SSSD_KRB5_CANONICALIZE is set to [true]
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [main] (0x0400):
Will perform online auth
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [get_and_save_tgt]
(0x0400): Attempting kinit for realm [ADDOMAIN.COM]
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [get_and_save_tgt]
(0x0020): 1234: [-1765328230][Cannot find KDC for realm "ADDOMAIN.COM"]
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [map_krb5_error]
(0x0020): 1303: [-1765328230][Cannot find KDC for realm "ADDOMAIN.COM"]
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [k5c_send_data]
(0x0200): Received error code 1432158209
(Thu Aug 25 09:53:52 2016) [[sssd[krb5_child[13059]]]] [main] (0x0400):
krb5_child completed successfully
*sssd_pam.log*
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [server_setup] (0x0400): CONFDB:
/var/lib/sss/db/config.ldb
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [confdb_get_domain_internal]
(0x0400): No enumeration for [ipa.preprod.local]!
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [confdb_get_domain_internal]
(0x1000): pwd_expiration_warning is -1
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_init_connection] (0x0400):
Adding connection 0x7f445ba66500
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_add_watch] (0x2000):
0x7f445ba6c130/0x7f445ba6ae70 (15), -/W (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6aec0 (15), R/- (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.sssd.service with path
/org/freedesktop/sssd/service
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_conn_register_path] (0x0400):
Registering object path /org/freedesktop/sssd/service with D-Bus connection
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Properties with path
/org/freedesktop/sssd/service
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Introspectable with
path /org/freedesktop/sssd/service
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [monitor_common_send_id] (0x0100):
Sending ID: (pam,1)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_add_timeout] (0x2000):
0x7f445ba667f0
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6aec0 (15), R/- (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6ae70 (15), -/W (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_names_init_from_args] (0x0100):
Using re
[(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))].
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_fqnames_init] (0x0100): Using
fq format [%1$s@%2$s].
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_init_connection] (0x0400):
Adding connection 0x7f445ba69d30
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_add_watch] (0x2000):
0x7f445ba6ce50/0x7f445ba69bc0 (16), -/W (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69c10 (16), R/- (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.sssd.dataprovider with path
/org/freedesktop/sssd/dataprovider
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_conn_register_path] (0x0400):
Registering object path /org/freedesktop/sssd/dataprovider with D-Bus
connection
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Properties with path
/org/freedesktop/sssd/dataprovider
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_opath_hash_add_iface]
(0x0400): Registering interface org.freedesktop.DBus.Introspectable with
path /org/freedesktop/sssd/dataprovider
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [dp_common_send_id] (0x0100):
Sending ID to DP: (1,PAM)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_add_timeout] (0x2000):
0x7f445ba6dae0
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69c10 (16), R/- (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69bc0 (16), -/W (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sysdb_domain_init_internal]
(0x0200): DB File for ipa.preprod.local:
/var/lib/sss/db/cache_ipa.preprod.local.ldb
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_callback": 0x7f445ba71ae0
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_timeout": 0x7f445ba71c10
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Running timer event
0x7f445ba71ae0 "ltdb_callback"
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Destroying timer
event 0x7f445ba71c10 "ltdb_timeout"
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Ending timer event
0x7f445ba71ae0 "ltdb_callback"
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x0400): asq: Unable to
register control with rootdse!
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_callback": 0x7f445ba716f0
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_timeout": 0x7f445ba72100
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Running timer event
0x7f445ba716f0 "ltdb_callback"
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Destroying timer
event 0x7f445ba72100 "ltdb_timeout"
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Ending timer event
0x7f445ba716f0 "ltdb_callback"
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_callback": 0x7f445ba724c0
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_timeout": 0x7f445ba725f0
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Running timer event
0x7f445ba724c0 "ltdb_callback"
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Destroying timer
event 0x7f445ba725f0 "ltdb_timeout"
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [ldb] (0x4000): Ending timer event
0x7f445ba724c0 "ltdb_callback"
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_process_init] (0x0400):
Responder Initialization complete
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [get_trusted_uids] (0x0400): All
UIDs are allowed.
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_ncache_set_str] (0x0400):
Adding [NCE/USER/ipa.preprod.local/root] to negative cache permanently
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_ncache_set_str] (0x0400):
Adding [NCE/GROUP/ipa.preprod.local/root] to negative cache permanently
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [responder_set_fd_limit] (0x0100):
Maximum file descriptors set to [8192]
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_dp_issue_request] (0x0400):
Issuing request for [0x7f445ab5c950:domains at ipa.preprod.local]
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_dp_get_domains_msg] (0x0400):
Sending get domains request for [ipa.preprod.local][]
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_add_timeout] (0x2000):
0x7f445ba6f0b0
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sss_dp_internal_get_send] (0x0400):
Entering request [0x7f445ab5c950:domains at ipa.preprod.local]
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba69d30
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba69d30
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba69d30
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6aec0 (15), R/- (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6ae70 (15), -/W (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69c10 (16), R/- (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69bc0 (16), -/W (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6aec0 (15), R/- (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6ae70 (15), -/W (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69c10 (16), R/- (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69bc0 (16), -/W (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6aec0 (15), R/- (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6ae70 (15), -/W (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69c10 (16), R/- (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69bc0 (16), -/W (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6aec0 (15), R/- (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6c130/0x7f445ba6ae70 (15), -/W (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69c10 (16), R/- (enabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_toggle_watch] (0x4000):
0x7f445ba6ce50/0x7f445ba69bc0 (16), -/W (disabled)
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_remove_timeout] (0x2000):
0x7f445ba667f0
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [id_callback] (0x0100): Got id ack
and version (1) from Monitor
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_remove_timeout] (0x2000):
0x7f445ba6dae0
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba69d30
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:08 2016) [sssd[pam]] [dp_id_callback] (0x0100): Got id
ack and version (1) from DP
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [sbus_remove_timeout] (0x2000):
0x7f445ba6f0b0
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba69d30
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [sss_dp_get_reply] (0x1000): Got
reply from Data Provider - DP error code: 0 errno: 0 error message: Success
(Success)
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_callback": 0x7f445ba71ae0
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_timeout": 0x7f445ba73860
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Running timer event
0x7f445ba71ae0 "ltdb_callback"
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Destroying timer
event 0x7f445ba73860 "ltdb_timeout"
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Ending timer event
0x7f445ba71ae0 "ltdb_callback"
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_callback": 0x7f445ba7aa00
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_timeout": 0x7f445ba7ab30
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Running timer event
0x7f445ba7aa00 "ltdb_callback"
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Destroying timer
event 0x7f445ba7ab30 "ltdb_timeout"
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Ending timer event
0x7f445ba7aa00 "ltdb_callback"
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_callback": 0x7f445ba7aa00
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_timeout": 0x7f445ba6c290
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Running timer event
0x7f445ba7aa00 "ltdb_callback"
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Destroying timer
event 0x7f445ba6c290 "ltdb_timeout"
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [ldb] (0x4000): Ending timer event
0x7f445ba7aa00 "ltdb_callback"
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [new_subdomain] (0x0400): Creating [
corp.addomain.com] as subdomain of [ipa.preprod.local]!
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [link_forest_roots] (0x2000):
[ipa.preprod.local] is a forest root
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [link_forest_roots] (0x2000): [
corp.addomain.com] is a forest root
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [sss_ncache_set_str] (0x0400):
Adding [NCE/USER/ipa.preprod.local/root] to negative cache permanently
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [sss_parse_name_for_domains]
(0x0200): name 'root' matched without domain, user is root
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [sss_ncache_set_str] (0x0400):
Adding [NCE/GROUP/ipa.preprod.local/root] to negative cache permanently
(Thu Aug 25 11:05:09 2016) [sssd[pam]] [sss_dp_req_destructor] (0x0400):
Deleting request: [0x7f445ab5c950:domains at ipa.preprod.local]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [get_client_cred] (0x4000): Client
creds: euid[0] egid[0] pid[20171].
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [reset_idle_timer] (0x4000): Idle
timer re-set for client [0x7f445ba74990][19]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [accept_fd_handler] (0x0400): Client
connected to privileged pipe!
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [reset_idle_timer] (0x4000): Idle
timer re-set for client [0x7f445ba74990][19]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_cmd_get_version] (0x0200):
Received client version [3].
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_cmd_get_version] (0x0200):
Offered version [3].
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [reset_idle_timer] (0x4000): Idle
timer re-set for client [0x7f445ba74990][19]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [reset_idle_timer] (0x4000): Idle
timer re-set for client [0x7f445ba74990][19]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_cmd_preauth] (0x0100): entering
pam_cmd_preauth
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_parse_name_for_domains]
(0x0200): name 'aduser at corp.addomain.com' matched expression for domain '
corp.addomain.com', user is aduser
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): command:
SSS_PAM_PREAUTH
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): domain:
corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): user:
aduser
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): service:
sshd
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): tty: ssh
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): ruser:
not set
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): rhost:
ilt-gif-ipa02.ipa.preprod.local
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): authtok
type: 0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100):
newauthtok type: 0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): cli_pid:
20171
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): logon
name: aduser at corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_ncache_check_str] (0x2000):
Checking negative cache for [NCE/USER/corp.addomain.com/aduser]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_initgr_check_timeout] (0x4000):
User [aduser at corp.addomain.com] not found in PAM cache.
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_dp_issue_request] (0x0400):
Issuing request for [0x7f445ab5b090:3:aduser at corp.addomain.com]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_dp_get_account_msg] (0x0400):
Creating request for [corp.addomain.com][3][1][name=aduser]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_add_timeout] (0x2000):
0x7f445ba667f0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_dp_internal_get_send] (0x0400):
Entering request [0x7f445ab5b090:3:aduser at corp.addomain.com]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_remove_timeout] (0x2000):
0x7f445ba667f0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba69d30
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_dp_get_reply] (0x1000): Got
reply from Data Provider - DP error code: 0 errno: 0 error message: Success
(Success)
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_check_user_search] (0x0100):
Requesting info for [aduser at corp.addomain.com]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_callback": 0x7f445ba6f610
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_timeout": 0x7f445ba7aa00
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Running timer event
0x7f445ba6f610 "ltdb_callback"
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Destroying timer
event 0x7f445ba7aa00 "ltdb_timeout"
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Ending timer event
0x7f445ba6f610 "ltdb_callback"
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_check_user_search] (0x0400):
Returning info for user [aduser at corp.addomain.com]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pd_set_primary_name] (0x0400):
User's primary name is aduser at corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_initgr_cache_set] (0x2000): [
aduser at corp.addomain.com] added to PAM initgroup cache
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending
request with the following data:
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): command:
SSS_PAM_PREAUTH
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): domain:
corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): user:
aduser at corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): service:
sshd
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): tty: ssh
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): ruser:
not set
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): rhost:
ilt-gif-ipa02.ipa.preprod.local
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): authtok
type: 0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100):
newauthtok type: 0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): cli_pid:
20171
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): logon
name: aduser at corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_add_timeout] (0x2000):
0x7f445ba70720
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_dom_forwarder] (0x0100):
pam_dp_send_req returned 0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_dp_req_destructor] (0x0400):
Deleting request: [0x7f445ab5b090:3:aduser at corp.addomain.com]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_remove_timeout] (0x2000):
0x7f445ba70720
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba69d30
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_dp_process_reply] (0x0200):
received: [0 (Success)][corp.addomain.com]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_reply] (0x0200): pam_reply
called with result [0]: Success.
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_reply] (0x0200): blen: 36
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [reset_idle_timer] (0x4000): Idle
timer re-set for client [0x7f445ba74990][19]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [reset_idle_timer] (0x4000): Idle
timer re-set for client [0x7f445ba74990][19]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_cmd_authenticate] (0x0100):
entering pam_cmd_authenticate
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_parse_name_for_domains]
(0x0200): name 'aduser at corp.addomain.com' matched expression for domain '
corp.addomain.com', user is aduser
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): command:
PAM_AUTHENTICATE
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): domain:
corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): user:
aduser
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): service:
sshd
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): tty: ssh
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): ruser:
not set
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): rhost:
ilt-gif-ipa02.ipa.preprod.local
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): authtok
type: 1
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100):
newauthtok type: 0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): cli_pid:
20171
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): logon
name: aduser at corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sss_ncache_check_str] (0x2000):
Checking negative cache for [NCE/USER/corp.addomain.com/aduser]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_initgr_check_timeout] (0x2000):
User [aduser at corp.addomain.com] found in PAM cache.
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_check_user_search] (0x0100):
Requesting info for [aduser at corp.addomain.com]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_callback": 0x7f445ba74cf0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Added timed event
"ltdb_timeout": 0x7f445ba76e80
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Running timer event
0x7f445ba74cf0 "ltdb_callback"
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Destroying timer
event 0x7f445ba76e80 "ltdb_timeout"
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [ldb] (0x4000): Ending timer event
0x7f445ba74cf0 "ltdb_callback"
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_check_user_search] (0x0400):
Returning info for user [aduser at corp.addomain.com]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pd_set_primary_name] (0x0400):
User's primary name is aduser at corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending
request with the following data:
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): command:
PAM_AUTHENTICATE
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): domain:
corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): user:
aduser at corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): service:
sshd
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): tty: ssh
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): ruser:
not set
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): rhost:
ilt-gif-ipa02.ipa.preprod.local
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): authtok
type: 1
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100):
newauthtok type: 0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): cli_pid:
20171
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_print_data] (0x0100): logon
name: aduser at corp.addomain.com
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_add_timeout] (0x2000):
0x7f445ba6e6c0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_dom_forwarder] (0x0100):
pam_dp_send_req returned 0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_remove_timeout] (0x2000):
0x7f445ba6e6c0
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba69d30
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_dp_process_reply] (0x0200):
received: [4 (System error)][corp.addomain.com]
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_reply] (0x0200): pam_reply
called with result [4]: System error.
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [pam_reply] (0x0200): blen: 36
(Thu Aug 25 11:05:13 2016) [sssd[pam]] [reset_idle_timer] (0x4000): Idle
timer re-set for client [0x7f445ba74990][19]
(Thu Aug 25 11:05:14 2016) [sssd[pam]] [reset_idle_timer] (0x4000): Idle
timer re-set for client [0x7f445ba74990][19]
(Thu Aug 25 11:05:14 2016) [sssd[pam]] [client_recv] (0x0200): Client
disconnected!
(Thu Aug 25 11:05:14 2016) [sssd[pam]] [client_destructor] (0x2000):
Terminated client [0x7f445ba74990][19]
(Thu Aug 25 11:05:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:05:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:18 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:05:18 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:05:18 2016) [sssd[pam]] [pam_initgr_cache_remove] (0x2000): [
aduser at corp.addomain.com] removed from PAM initgroup cache
(Thu Aug 25 11:05:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:05:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:28 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:05:28 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:05:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:05:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:38 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:05:38 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:05:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:05:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:48 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:05:48 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:05:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:05:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:05:58 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:05:58 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:06:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:06:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:06:08 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:06:08 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:06:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:06:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:06:18 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:06:18 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:06:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:06:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:06:28 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:06:28 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:06:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:06:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:06:38 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:06:38 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:06:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:06:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:06:48 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:06:48 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:06:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:06:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:06:58 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:06:58 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:07:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:07:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:07:08 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:07:08 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:07:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:07:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:07:18 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:07:18 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:07:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:07:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:07:28 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:07:28 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:07:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:07:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:07:38 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:07:38 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:07:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:07:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:07:48 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:07:48 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:07:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:07:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:07:58 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:07:58 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:08:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:08:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:08:08 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:08:08 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:08:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:08:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:08:18 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:08:18 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:08:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:08:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:08:28 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:08:28 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:08:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:08:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:08:38 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:08:38 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:08:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:08:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:08:48 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:08:48 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:08:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:08:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:08:58 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:08:58 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:09:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:09:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:09:08 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:09:08 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:09:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:09:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:09:18 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:09:18 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:09:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:09:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:09:28 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:09:28 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:09:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:09:38 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:09:38 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:09:38 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:09:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:09:48 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:09:48 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:09:48 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:09:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:09:58 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:09:58 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:09:58 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:10:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:10:08 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:10:08 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:10:08 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:10:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:10:18 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:10:18 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:10:18 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Thu Aug 25 11:10:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000): dbus conn:
0x7f445ba66500
(Thu Aug 25 11:10:28 2016) [sssd[pam]] [sbus_dispatch] (0x4000):
Dispatching.
(Thu Aug 25 11:10:28 2016) [sssd[pam]] [sbus_message_handler] (0x2000):
Received SBUS method org.freedesktop.sssd.service.ping on path
/org/freedesktop/sssd/service
(Thu Aug 25 11:10:28 2016) [sssd[pam]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
/Rajat
On Thu, Aug 18, 2016 at 9:48 AM, rajat gupta <rajat.linux at gmail.com> wrote:
> Thanks.
>
> When i am trying to accesses user with password i am getting below message
> in logs.
>
> *Aug 18 09:38:17 ilt-gif-ipa02 [sssd[krb5_child[8505]]]: Cannot find KDC
> for realm "ADDOMAON.COM <http://ADDOMAON.COM>"*
>
> when i connect through ssh, it tries to contact the KDC for the realm *ADDOMAON.COM
> <http://ADDOMAON.COM>*
>
> which should be corp.addomain.com
>
>
> Do you have any further comments or suggestions that may help us.
>
>
> /Rajat
>
>
>
> On Tue, Aug 16, 2016 at 2:46 PM, Alexander Bokovoy <abokovoy at redhat.com>
> wrote:
>
>> On Tue, 16 Aug 2016, rajat gupta wrote:
>>
>>> Hi,
>>>
>>>
>>> I have done IPA AD trust between IPA and AD server. But trust is showing
>>> offline always. But we are able to get the AD user information. And able
>>> to
>>> grant the KRB ticket.
>>>
>>>
>>>
>>> # wbinfo --online-status
>>> BUILTIN : online
>>> IPA : online
>>> *CORP : offline*
>>>
>> Don't use wbinfo. Its output is irrelevant starting from FreeIPA 3.3.
>>
>>
>>>
>>> #id aduser at CORP.ADDOMAIN.COM
>>> uid=1007656917(aduser at corp.addomain.com) gid=1007656917(
>>> aduser at corp.addomain.com) groups=1007656917(aduser at corp.addomain.com
>>> ),1007715891(prg-msoffice2013pro(kms)@corp.addomain.com),1007663829(
>>> da-eeg-intra-read at corp.addomain.com),1007600513(domain
>>> users at corp.addomain.com)
>>>
>>>
>>> [root at ilt-gif-ipa01 ~]# kinit aduser at CORP.ADDOMAIN.COM
>>> Password for aduser at CORP.ADDOMAIN.COM:
>>> [root at ilt-gif-ipa01 ~]#
>>> [root at ilt-gif-ipa01 ~]#
>>> [root at ilt-gif-ipa01 ~]# klist
>>> Ticket cache: KEYRING:persistent:0:0
>>> Default principal: aduser at CORP.ADDOMAIN.COM
>>>
>>> Valid starting Expires Service principal
>>> 08/11/2016 13:11:35 08/11/2016 23:11:35 krbtgt/
>>> CORP.ADDOMAIN.COM at CORP.ADDOMAIN.COM
>>> renew until 08/12/2016 13:11:29
>>> [root at ilt-gif-ipa01 ~]#
>>>
>> This is irrelevant for the trust case because you are authenticating
>> against AD DCs, not IPA KDCs.
>>
>>
>>>
>>>
>>> Form IPA client server we are able to get the all thinks ( KRB ticket/
>>> user/groups )
>>>
>>> [root at ilt-gif-ipa02 ~]# getent passwd aduser at CORP.addomain.COM
>>> aduser at corp.addomain.com:*:1007656917:1007656917:USER NAME:/home/
>>> corp.addomain.com/aduser:
>>> [root at ilt-gif-ipa02 ~]#
>>>
>>>
>>> [root at ilt-gif-ipa02 ~]# getent group aduser at CORP.addomain.COM
>>> aduser at corp.addomain.com:*:1007656917:
>>> [root at ilt-gif-ipa02 ~]#
>>>
>>>
>>> [root at ilt-gif-ipa02 ~]# id aduser at CORP.addomain.COM
>>> uid=1007656917(aduser at corp.addomain.com) gid=1007656917(
>>> aduser at corp.addomain.com) groups=1007656917(aduser at corp.addomain.com
>>> ),1007715891(prg-msoffice2013pro(kms)@corp.addomain.com),1007663829(
>>> da-eeg-intra-read at corp.addomain.com),1007600513(domain
>>> users at corp.addomain.com),1007725088(tfs_users at corp.addomain.com)
>>>
>>>
>>> Also we are to ssh to IPA client on same machine or from some other
>>> machine with gss authentication. But using password authentication it’s
>>> failed to login.
>>>
>>> *ERROR:- pam_sss(sshd:auth): authentication failure; logname*
>>>
>>>
>>>
>>> kinit aduser at CORP.ADDOMAIN.COM
>>> Password for aduser at CORP.ADDOMAIN.COM:
>>>
>>>
>>>
>>> [root at ilt-gif-ipa02 ~]# ssh -vl aduser at corp.addomain.com
>>> ilt-gif-ipa02.ipa.preprod.local
>>> OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
>>> debug1: Reading configuration data /etc/ssh/ssh_config
>>> debug1: /etc/ssh/ssh_config line 60: Applying options for *
>>> debug1: Executing proxy command: exec /usr/bin/sss_ssh_knownhostsproxy
>>> -p
>>> 22 ilt-gif-ipa02.ipa.preprod.local
>>> debug1: permanently_set_uid: 0/0
>>> debug1: permanently_drop_suid: 0
>>> debug1: identity file /root/.ssh/id_rsa type -1
>>> debug1: identity file /root/.ssh/id_rsa-cert type -1
>>> debug1: identity file /root/.ssh/id_dsa type -1
>>> debug1: identity file /root/.ssh/id_dsa-cert type -1
>>> debug1: identity file /root/.ssh/id_ecdsa type -1
>>> debug1: identity file /root/.ssh/id_ecdsa-cert type -1
>>> debug1: identity file /root/.ssh/id_ed25519 type -1
>>> debug1: identity file /root/.ssh/id_ed25519-cert type -1
>>> debug1: Enabling compatibility mode for protocol 2.0
>>> debug1: Local version string SSH-2.0-OpenSSH_6.6.1
>>> debug1: Remote protocol version 2.0, remote software version
>>> OpenSSH_6.6.1
>>> debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
>>> debug1: SSH2_MSG_KEXINIT sent
>>> debug1: SSH2_MSG_KEXINIT received
>>> debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com none
>>> debug1: kex: client->server aes128-ctr hmac-md5-etm at openssh.com none
>>> debug1: kex: curve25519-sha256 at libssh.org need=16 dh_need=16
>>> debug1: kex: curve25519-sha256 at libssh.org need=16 dh_need=16
>>> debug1: sending SSH2_MSG_KEX_ECDH_INIT
>>> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
>>> debug1: Server host key: ECDSA
>>> f0:e6:b2:66:c8:41:06:4e:83:a4:a2:c5:5a:57:24:66
>>> debug1: Host 'ilt-gif-ipa02.ipa.preprod.local' is known and matches the
>>> ECDSA host key.
>>> debug1: Found key in /root/.ssh/known_hosts:3
>>> debug1: ssh_ecdsa_verify: signature correct
>>> debug1: SSH2_MSG_NEWKEYS sent
>>> debug1: expecting SSH2_MSG_NEWKEYS
>>> debug1: SSH2_MSG_NEWKEYS received
>>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>> debug1: Authentications that can continue:
>>> publickey,gssapi-keyex,gssapi-with-mic,password
>>> debug1: Next authentication method: gssapi-keyex
>>> debug1: No valid Key exchange context
>>> debug1: Next authentication method: gssapi-with-mic
>>> *debug1: Authentication succeeded (gssapi-with-mic).*
>>> Authenticated to ilt-gif-ipa02.ipa.preprod.local (via proxy).
>>> debug1: channel 0: new [client-session]
>>> debug1: Requesting no-more-sessions at openssh.com
>>> debug1: Entering interactive session.
>>> debug1: Sending environment.
>>> debug1: Sending env LANG = en_US.UTF-8
>>> Last login: Thu Aug 11 13:17:05 2016 from ilt-gif-ipa02.ipa.preprod.loca
>>> l
>>>
>>> RHN kickstart on 2014-10-16
>>>
>>> -sh-4.2$ pwd
>>> /home/corp.addomain.com/aduser
>>> -sh-4.2$ who am i
>>> aduser at corp.addomain.com pts/3 2016-08-11 13:19
>>> (ilt-gif-ipa02.ipa.preprod.local)
>>> -sh-4.2$
>>>
>>>
>>>
>>> ]# ssh aduser at corp.addomain.com@ilt-gif-ipa02.ipa.preprod.local
>>> e600336 at corp.corpcommon.com@ilt-gif-ipa02.ipa.preprod.local's password:
>>> Permission denied, please try again.
>>> e600336 at corp.corpcommon.com@ilt-gif-ipa02.ipa.preprod.local's password:
>>>
>>>
>>> Can you please help me i am not able to login with AD user
>>> password authentication.
>>>
>> If you cannot login with password but can with Kerberos credentials, you
>> need to look into SSSD logs on the ilt-gif-ipa02.ipa.preprod.local host.
>> See https://fedorahosted.org/sssd/wiki/Troubleshooting
>>
>>
>> --
>> / Alexander Bokovoy
>>
>
>
>
> --
>
> *Rajat Gupta *
>
--
*Rajat Gupta *
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160825/c7e16dc7/attachment.htm>
More information about the Freeipa-devel
mailing list