I have Azure Active Directory (AD) set up and running, along with Azure AD Domain Services, in which a single domain with secure LDAP is configured.
On a Linux server, I have tested whether it can communicate with the AD by using the ldapsearch command, and it is working fine (I was able to fetch data from the AD).
Now I am struggling to set up System Security Services Daemon (SSSD) to authenticate users who try to ssh into the Linux server against their credentials stored in the AD.
So far I have managed to get the SSSD running and at least to communicate with the AD.
Looking at the output below, the SSSD service seems to be up and running and the Backend is online.
sssd.service - System Security Services Daemon
Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2018-10-15 03:30:49 UTC; 1h 35min ago
Main PID: 16970 (sssd)
CGroup: /system.slice/sssd.service
├─16970 /usr/sbin/sssd -i --logger=files
├─16971 /usr/libexec/sssd/sssd_be --domain default --uid 0 --gid 0 --logger=files
├─16972 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=files
├─16973 /usr/libexec/sssd/sssd_sudo --uid 0 --gid 0 --logger=files
├─16974 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0 --logger=files
├─16975 /usr/libexec/sssd/sssd_autofs --uid 0 --gid 0 --logger=files
└─16976 /usr/libexec/sssd/sssd_ssh --uid 0 --gid 0 --logger=files
Oct 15 03:30:49 ip-xxx.local sssd[16970]: Starting up
Oct 15 03:30:49 ip-xxx.local sssd[be[default]][16971]: Starting up
Oct 15 03:30:49 ip-xxx.local sssd[be[default]][16971]: Your configuration uses the autofs provider with schema set to rfc2307 and default attribute mappings. The default map h...attributes.
Oct 15 03:30:49 ip-xxx.local sssd[ssh][16976]: Starting up
Oct 15 03:30:49 ip-xxx.local sssd[autofs][16975]: Starting up
Oct 15 03:30:49 ip-xxx.local sssd[sudo][16973]: Starting up
Oct 15 03:30:49 ip-xxx.local sssd[pam][16974]: Starting up
Oct 15 03:30:49 ip-xxx.local sssd[nss][16972]: Starting up
Oct 15 03:30:49 ip-xxx.local systemd[1]: Started System Security Services Daemon.
Oct 15 03:32:13 ip-xxx.local sssd[be[default]][16971]: Backend is online
Hint: Some lines were ellipsized, use -l to show in full.
However, when executing the following command for testing purposes,
id username
the backend (AD) returns an error saying it is offline for some reason.
[sss_dp_get_reply] (0x0010): The Data Provider returned an error [org.freedesktop.sssd.Error.DataProvider.Offline]
This conflicts with the output (Backend is online) above.
What could be the cause of this error?