Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [sssd]

System Security Services Daemon (SSSD) - This project provides a set of daemons to manage access to remote directories and authentication mechanisms, it provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. It is also the basis to provide client auditing and policy services for FreeIPA, LDAP, & Active Directory.

353 questions
3
votes
2 answers

SSSD Authentication

I just built a test server running OpenSuSE 12.1 and am trying to learn how configure sssd, but am not sure where to begin to look for why my config cannot allow me to authenticate. server:/etc/sssd # cat sssd.conf [sssd] config_file_version =…
Michael Moser
  • 219
  • 2
  • 4
  • 16
3
votes
1 answer

The memcache was not invalidated by NSS responder

I was deleting a user. # userdel u1 The memcache was not invalidated by nss responder. But finally the user was deleted. What does "The memcache was not invalidated by nss responder" means? Fedora 34 Thanks
JellyTea
  • 33
  • 4
3
votes
1 answer

id: user: no such user

I'm using Centos 7 to authenticate locally Active directory users using kerberos. I joined the realm with the Administrator and i can login/ssh through it/with it, nslookup working fine, and adcli info is working. When i create another user called…
Gopal
  • 31
  • 1
  • 2
3
votes
1 answer

What realmd_tags parameter in sssd config is used for?

I have multiples linux workstations using sssd to authenticated with ad. To avoid misconfiguration ansible is used to maintain homogeneous setup of sssd. There come my interrogation what is the parameter realmd_tags in the domain section of sssd…
Seb0
  • 31
  • 2
3
votes
0 answers

SSSD procedure for staying joined when renaming AD computer object

Shooting for the moon with this question here. In Windows if you join a client to an AD domain and later if you want to rename the computer object you can do so "seamlessly" without it breaking the AD membership of the client. I want to accomplish…
SeligkeitIstInGott
  • 179
  • 2
  • 5
  • 19
3
votes
1 answer

How to change Fedora hostname while being AD-member

i#m using a Fedora Workstation in our company Active Directory Domaine. The fedora box is member of the ActiveDirectory (Server 2012 R2). Now my hardware died and i moved my harddisk to a new hardware. Which is fine with Linux, the Fedora just boots…
Chris9834
  • 151
  • 1
  • 11
2
votes
1 answer

What is the difference between samba and sssd?

In my ubuntu workstation I use /etc/samba/smb.conf and /etc/sssd/sssd.conf with /etc/krb5.conf in order to join active directory on a corporate network. sudo service samba-ad-dc status # inactive sudo service sssd status # active (running) However…
Marinos An
  • 155
  • 1
  • 8
2
votes
2 answers

sssd No domains configured, fatal error

sssd runnig one client but fails another, any idea? system is Centos 7 x64, running on proxmox VM # journalctl -xe -- Unit sssd.service has begun starting up. Ağu 20 09:20:17 slreport.linktera.lan sssd[31252]: Starting up Ağu 20 09:20:17…
Selman Keskin
  • 21
  • 1
  • 3
2
votes
1 answer

SSSD+Samba+SSH GSSAPI authentication issues

I am configuring SSSD+Samba+SSH on CentOS 7.6. So far I have managed to get all 3 at least working. SSSD is configured and joined using realm join. Samba is configured and connected to AD via net ads join. However, for some reason I cannot get…
Eroji
  • 203
  • 2
  • 5
  • 8
2
votes
1 answer

How do I run Docker containers as a Active Directory-domain user (SSSD)? ("unable to find user")

I am running several Samba-shares on a dedicated Debian 9.6 machine joined to an AD-domain (Zentyal with SMB 4). I am using a pretty straight-forward SSSD installation that has so far worked out perfectly for our needs. I want to set Ambar up so…
Oleg
  • 373
  • 1
  • 7
  • 17
2
votes
0 answers

Enable Windows Active Directory Groups on Sudoers File

We've recently started enabling access to our linux machines using Windows Active Directory users. The chosen method was kerberos+samba+sssd and it's working fine. Our next step is to allow certain AD Groups to have sudo rights, and we have to do it…
Desolli
  • 21
  • 1
  • 3
2
votes
1 answer

Run a Bash Script on New User Creation by SSSD

Users created on AD can login to Linux with a password. I would like to replace this password login with ssh-key. So far, I've made a custom attribute and placed the public key in it and able to fetch it on Linux with a script. I would like to put…
Shahzaib Khan
  • 21
  • 2
2
votes
0 answers

SSSD with LDAP users not able to resolve their own uid/gid names and others

I have a machine setup to authenticate users with an LDAP directory using sssd+nss+pam. At the current state any user in the directory is able to login by ssh, or with su in between user accounts, but it seems they are not able to retrieve their…
karamaz0v
  • 21
  • 1
  • 2
2
votes
1 answer

Active Directory sssd not Updating DNS

I have been migrating my Vm lab over to AD to centralize the auth management and im having issue with the linux VM's (Debian 8) not updating DNS records. the clients are being joined with realmd and after joining, I can auth with the domain…
Philderbeast
  • 41
  • 1
  • 3
2
votes
0 answers

How to make authconfig-tui use sssd instead of nslcd?

I've read that redhat's going to deprecate nslcd, and sssd is the future. So, I was following a video that shows how to setup IPA clients using authconfig-tui. Yes, I'm aware that it's been deprecated, but I still wanted to try it. In the video, the…
Somu
  • 125
  • 6
1 2 3
23 24