On Tue, Apr 07, 2015 at 01:55:43PM +0200, Chamambo Martin wrote: > Thanx Jakub for pointing me to the right direction .This is what I have now > and I have increased the debug level during troubleshooting > > [domain/ai.co.zw] > > debug_level=3 > cache_credentials = True > krb5_store_password_if_offline = True > ipa_domain = ai.co.zw > id_provider = ipa > sudo_provider = ipa > auth_provider = ipa > access_provider = ipa > ipa_hostname = ironhide.ai.co.zw > chpass_provider = ipa > ipa_server = _srv_, cyclops.ai.co.zw > ldap_tls_cacert = /etc/ipa/ca.crt > [sssd] > services = nss, sudo, pam, ssh > config_file_version = 2 > > > domains = ai.co.zw > [nss] > homedir_substring = /home > > [pam] > > [sudo] > > [autofs] > > [ssh] > > Error messages from /var/log/sssd/sssd_ai.co.zw when debug level is set at 4
This snippet just shows successfull authentication, which I guess is when sudo asked for the password. Anything interesting in the sudo log? /var/log/sssd/sssd_sudo.log You might need a higher debug_level, though (6?) -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project