Skip to main content
Unix & Linux

Return to Question

add sssd.conf content (for better formatting than in a comment)
Source Link
Christophe Drevet
Christophe Drevet
  • 4.3k
  • 2
  • 19
  • 16

When I try to do a su [email protected] I get a "user does not exist" message.

[email protected] exists in Active Directory. I can do kinit [email protected] successfully and get a ticket. Here are the steps I did:

  1. I have MIT KDC on CentOS 7 CENTOSREALM.COM and Active Directory realm ADREALM.COM
  2. On CentOS I did realm join ADREALM.COM which gave "* Successfully enrolled machine in realm". I can see the centos hostname in Active Directory Computers container.
  3. But I cannot login to the CentOS server with [email protected] this user exists in AD.

Where do I look for errors or steps to debug this issue?

The sssd.conf content:

[sssd]
domains = adrealm.com
config_file_version = 2
services = nss, pam

[domain/adrealm.com]
ad_server = adrealm.com
ad_domain = adrealm.com
krb5_realm = ADREALM.COM
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%u@%d
access_provider = ad
debug_level = 3

When I try to do a su [email protected] I get a "user does not exist" message.

[email protected] exists in Active Directory. I can do kinit [email protected] successfully and get a ticket. Here are the steps I did:

  1. I have MIT KDC on CentOS 7 CENTOSREALM.COM and Active Directory realm ADREALM.COM
  2. On CentOS I did realm join ADREALM.COM which gave "* Successfully enrolled machine in realm". I can see the centos hostname in Active Directory Computers container.
  3. But I cannot login to the CentOS server with [email protected] this user exists in AD.

Where do I look for errors or steps to debug this issue?

When I try to do a su [email protected] I get a "user does not exist" message.

[email protected] exists in Active Directory. I can do kinit [email protected] successfully and get a ticket. Here are the steps I did:

  1. I have MIT KDC on CentOS 7 CENTOSREALM.COM and Active Directory realm ADREALM.COM
  2. On CentOS I did realm join ADREALM.COM which gave "* Successfully enrolled machine in realm". I can see the centos hostname in Active Directory Computers container.
  3. But I cannot login to the CentOS server with [email protected] this user exists in AD.

Where do I look for errors or steps to debug this issue?

The sssd.conf content:

[sssd]
domains = adrealm.com
config_file_version = 2
services = nss, pam

[domain/adrealm.com]
ad_server = adrealm.com
ad_domain = adrealm.com
krb5_realm = ADREALM.COM
realmd_tags = manages-system joined-with-adcli
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%u@%d
access_provider = ad
debug_level = 3
added 3 characters in body; edited title
Source Link
steve
steve
  • 22.3k
  • 5
  • 53
  • 79

sssd and Active Directory user does not exist in CentosCentOS

When I try to do a su [email protected] isu [email protected] I get a user"user does not existexist" message. 

[email protected] exists in Active Directory. I can do kinit [email protected]kinit [email protected] successfully and get a ticket. Here are the steps I did:

  1. I have MIT KDC on centosCentOS 7 CENTOSREALM.COM and Active Directory realm ADREALM.COM
  2. On centosCentOS I did "realm join ADREALM.COM"realm join ADREALM.COM which gave *"* Successfully enrolled machine in realmrealm". I can see the centos hostname in Active Directory Computers container.
  3. But I cannot login to the centosCentOS server with [email protected] this user exists in AD.

Where do I look for errors or steps to debug this issue? Thanks!!

sssd and Active Directory user does not exist in Centos

When I try to do a su [email protected] i get a user does not exist message. [email protected] exists in Active Directory. I can do kinit [email protected] successfully and get a ticket. Here are the steps I did:

  1. I have MIT KDC on centos 7 CENTOSREALM.COM and Active Directory realm ADREALM.COM
  2. On centos I did "realm join ADREALM.COM" which gave * Successfully enrolled machine in realm. I can see the centos hostname in Active Directory Computers container.
  3. But I cannot login to the centos server with [email protected] this user exists in AD.

Where do I look for errors or steps to debug this issue? Thanks!!

sssd and Active Directory user does not exist in CentOS

When I try to do a su [email protected] I get a "user does not exist" message. 

[email protected] exists in Active Directory. I can do kinit [email protected] successfully and get a ticket. Here are the steps I did:

  1. I have MIT KDC on CentOS 7 CENTOSREALM.COM and Active Directory realm ADREALM.COM
  2. On CentOS I did realm join ADREALM.COM which gave "* Successfully enrolled machine in realm". I can see the centos hostname in Active Directory Computers container.
  3. But I cannot login to the CentOS server with [email protected] this user exists in AD.

Where do I look for errors or steps to debug this issue?

Source Link
ebeb
ebeb
  • 199
  • 1
  • 1
  • 7

sssd and Active Directory user does not exist in Centos

When I try to do a su [email protected] i get a user does not exist message. [email protected] exists in Active Directory. I can do kinit [email protected] successfully and get a ticket. Here are the steps I did:

  1. I have MIT KDC on centos 7 CENTOSREALM.COM and Active Directory realm ADREALM.COM
  2. On centos I did "realm join ADREALM.COM" which gave * Successfully enrolled machine in realm. I can see the centos hostname in Active Directory Computers container.
  3. But I cannot login to the centos server with [email protected] this user exists in AD.

Where do I look for errors or steps to debug this issue? Thanks!!