Questions tagged [sssd]

SSSD is a system daemon that provides access to remote identity and authentication resources through a common framework that can provide caching and offline support to the system.

SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms.

It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources as well as a D-Bus interface.

It is also the basis to provide client auditing and policy services for centralised identity management systems such as FreeIPA and Active Directory.

In addition, it provides a more robust database to store local users as well as extended user data.

67 questions
1
vote
0 answers

SSSD "KDC has no support for encryption; Preauthentication failed"

I have a problem where I have SSSD installed on a remote desktop (running CentOS7) and occasionally have problems logging in (including via ssh) using my AD credentials. Ssh'ing in as root and checking the status of the sssd process, I…
lampShadesDrifter
1
vote
1 answer

FreeRadius 3.0.13 + Google Auth + SSSD + Active Directory - Filter via AD security groups

I am a newbie to FreeRadius, so my knowledge is not in-depth. I am trying to configure a central radius to handle any network based systems (switches, routers, firewalls, & VPN) to authenticate end-users when they are trying to SSH and/or VPN into…
bwinchell
1
vote
1 answer

'Windows NT user or group not found' when creating Windows logins on SQL Server 2019 on Linux

I need to enable Active Directory authentication on SQL Server 2019 running on CentOS 7. The server centos-1 already has sssd pre-configured to use AD authentication. However, I followed the official Microsoft guide on how to enable Windows…
1
vote
1 answer

Create Certificates for PKINIT-based Kerberos login on Active Directory

I'm trying to set up a PKINIT-based Kerberos login on an Active Directory. The login shall be performed using sssd on Linux. However, the Kerberos server does not accept the client certificate. We receive an error with event ID 21: Certificate for…
PraMiD
1
vote
1 answer

Validate AD user can login using SSSD on SuSE

I have a requirement to validate if a given user can login to a machine. I don't know their password, but the script can elevate to root using sudo. All the users are AD accounts using SSSD. Everything I've found just validates if the user is valid…
adam crane
1
vote
2 answers

SSSD - LDAP group based access - ldap schema rfc2307bis

I'm having trouble setting up access_provider = ldap in SSSD. Problem is with the ldap_access_filter. LDAP side looks like this: USER: # username, users, location, dc1.dc2 dn: uid=username,ou=users,l=location,dc=dc1,dc=dc2 shadowExpire:…
Nifares
1
vote
1 answer

Getent group with a long name and multiple spaces - SSSD

So I'm trying to return a group but I think the string is either too long or it's just not compatible with SSSD. So background is I've already tested this domain for a user and also a group, e.g. getent passwd user1@domain2, and I get a return. I also…
Rhys Brace
1
vote
1 answer

SSSD Authentication with Samba 4

I have recently upgraded to samba 4 from samba 3.5 on a RHEL 6.3 platform. It is pleasing that the new version can replace AD DC and has its own built-in kdc and ldb database. Now my intention is to make linux boxes authenticate to samba4 by…
user1600936
0
votes
0 answers

Smartcard setup in RHEL8 using Active Directory without IDM

Here is some background: my organization is moving from RHEL7 using the UI/Coolkey Smartcard setup for autolock on removal and authenticating to the AD. We are in the process of upgrading to RHEL8 in our Secure Area (which means local only…
Steven C.
0
votes
0 answers

Google LDAP on Linux using SSSD and PAM is taking too long to login

In the past I was using Samba with zero problems, but since I migrated to GCP and started using LDAP I have had some problems. I hope you can help me. Our school has a domain at GCP and we are using many services, one of them being…
elmaia
0
votes
0 answers

Server outside of AWS VPC how to join the AWS simple AD?

I'm starting to explore the AWS simple AD services. I have AWS simple AD setup in my AWS VPC, I have one Windows and one Ubuntu EC2 instances setup in this VPC as well. I use this Windows server to create users and groups, and it also works well for…
0
votes
0 answers

How to give root privilege to Windows Group

I can add linux machine [sles 15 sp 4] to AD windows [Windows Server 2016]. With SSSD, the linux computer is connected well to domain; but I can't give root privilege to windows group and I can't give privilege Sudoers to windows group…
oussama_tr
0
votes
0 answers

"PermitTTY no" under a Match Group in sshd is not working.?

There is an AD group created and we have added it in sshd as Match Group with "permitTTY no", but it's not working. root@server# cat /etc/ssh/sshd_config |grep -i Match Match Group xxxxxxxx permitTTY no Other team has tested the logins, but…
karunakar
0
votes
0 answers

upgrading sssd on rhel8 breaks PAM auth in docker container

I am having a problem with PAM authentication in a docker container (used for auth for RStudio server); /var/lib/sss is mounted in the container so PAM authentication works. But on sssd-2.7.3-4.el8_7.3 it no longer works, the below log is from…
0
votes
0 answers

samba openldap authentication issues Ubuntu 20.04

I'll try and be concise: I'm running a Ubuntu server 20.04 VM, I've installed OpenLDAP and Samba (this is an assignment, so I'm not worrying very much that those both are hosted on same server for the time being). I set Samba up and create my…
Medb