debug_level was set at 6
I will try to reproduce after setting debug_level to 9
___
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs
Paul,
Sorry for the misunderstanding Much different problem!
Prentice
On 3/20/23 3:33 PM, Paul B. Henson wrote:
On 3/20/2023 8:57 AM, Prentice Bisbal wrote:
While you may be able to customize the regular expression used by
SSSD as Tomas as shown, I would be reluctant to do that, as upgrades
On Mon, Mar 20, 2023 at 09:26:31PM +0100, Alexey Tikhonov wrote:
> Could you please open a ticket at
> https://github.com/SSSD/sssd/issues
> with reference to this thread?
Done, thanks much...
https://github.com/SSSD/sssd/issues/6635
___
sssd-users mai
On Mon, Mar 20, 2023 at 8:37 PM Paul B. Henson wrote:
>
> On 3/20/2023 9:13 AM, Alexey Tikhonov wrote:
>
> > But probably SSSD should refuse to handle this kind of names
> > immediately, instead of cutting unallowed chars off and handling what
> > remains?
>
> Yes please, as the current implementa
On 3/20/2023 9:13 AM, Alexey Tikhonov wrote:
But probably SSSD should refuse to handle this kind of names
immediately, instead of cutting unallowed chars off and handling what
remains?
Yes please, as the current implementation
Otherwise it leads to a kind of security issue, as shown in the
o
On 3/20/2023 8:57 AM, Prentice Bisbal wrote:
While you may be able to customize the regular expression used by SSSD
as Tomas as shown, I would be reluctant to do that, as upgrades may
break that if you don't manage that in a configuration management
system, and since it's not expected, the QC
On 3/20/2023 8:32 AM, Tomas Halman wrote:
The SSSD default does not expect/allow '@' in username. To fix that you
can configure the re_expression parameter according to your needs.
I believe you misunderstood my problem report; I neither have nor want
@'s in usernames. However, sss appears to
On 3/20/2023 4:10 AM, Alexey Tikhonov wrote:
Did you try it with other domains (i.e. non-local users)?
Yes, I have systems configured into LDAP as shown in the configuration
below. I've never tried before, but it seems I can also login as
'user@domain', which also appears to pass that explic
On Mon, Mar 20, 2023 at 6:29 PM Craig Martin
wrote:
>
> Thanks for your response.
>
> grep -i offline /var/log/sssd/sssd_AD.FINRCVGRP.COM.log
> finds nothing.
Is this with `debug_level = 9` in the domain section of sssd.conf?
Anyway, you need to set `debug_level = 9`, restart sssd truncating
log
Thanks for your response.
grep -i offline /var/log/sssd/sssd_AD.FINRCVGRP.COM.log
finds nothing.
getent password $user produces expected results.
___
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-us
Hi,
On Mon, Mar 20, 2023 at 6:05 PM Craig Martin
wrote:
>
> Hi,
>
> I have a problem I have been unable to solve and I'm at a loss. We use sssd
> on Debian 11 clients with active directory backend. We have 4 domain
> controllers running Windows Server 2022 in our environment. If any one of
Hi,
I have a problem I have been unable to solve and I'm at a loss. We use sssd on
Debian 11 clients with active directory backend. We have 4 domain controllers
running Windows Server 2022 in our environment. If any one of those domain
controllers goes offline we experience intermittent auth
On Mon, Mar 20, 2023 at 4:33 PM Tomas Halman wrote:
>
> Hi, Alexey is right.
>
> The character @ is not expected in the username. A particular set of allowed
> characters may differ, depending on your setup.
>
> I found nice summary here: https://systemd.io/USER_NAMES/
But probably SSSD should r
I came here to say the same thing, and provide the same link. Using an @
symbol like that in a username isn't a good practice, since it's used to
separate a username from a domain name, hostname, or kerberos realm.
While you may be able to customize the regular expression used by SSSD
as Tomas
Hi, Alexey is right.
The character @ is not expected in the username. A particular set of
allowed characters may differ, depending on your setup.
I found nice summary here: https://systemd.io/USER_NAMES/
The SSSD default does not expect/allow '@' in username. To fix that you can
configure the re
Hi,
On Sat, Mar 18, 2023 at 12:04 AM Paul B. Henson wrote:
>
> We are running the latest RHEL 8.7 which includes sss version
> 2.7.3-4.el8_7.3 and noticed some odd behavior. sss seems to ignore
> leading @ characters when looking up a username. For example:
>
> # getent passwd '@cpp.a'
> cpp.a:x:
16 matches
Mail list logo