[Freeipa-users] Only one AD user can able to login to IPA server
Jakub Hrozek
jhrozek at redhat.com
Tue Mar 17 10:27:59 UTC 2015
On Tue, Mar 17, 2015 at 12:57:27PM +0300, Ben .T.George wrote:
> HI
>
> i have enabled debug
>
> here is my sssd.conf
>
> [root at kwtpocpbis01 ~]# cat /etc/sssd/sssd.conf
> [domain/solaris.local]
>
> cache_credentials = True
> krb5_store_password_if_offline = True
> ipa_domain = solaris.local
> id_provider = ipa
> auth_provider = ipa
> access_provider = ipa
> ipa_hostname = kwtpocpbis01.solaris.local
> chpass_provider = ipa
> ipa_server = kwtpocpbis01.solaris.local
> ipa_server_mode = True
> ldap_tls_cacert = /etc/ipa/ca.crt
Please also add debug_level to this section, not just [sssd] and [nss]
> [sssd]
> services = nss, sudo, pam, ssh
> config_file_version = 2
>
> domains = solaris.local
> debug_level = 6
> [nss]
> homedir_substring = /home
> debug_level = 6
>
> [pam]
>
> [sudo]
>
> [autofs]
>
> [ssh]
>
> [pac]
>
> [ifp]
More information about the Freeipa-users
mailing list