On 06/29/2017 10:15 AM, Abhijit Tikekar wrote:
Hi,
Attached are the logs files, all taken for the same auth attempt.
In the krb5_child.log you can see:
(Thu Jun 29 08:49:23 2017) [[sssd[krb5_child[2358 [validate_tgt]
(0x0020): TGT failed verification using key for
[host/hostname.def.x
On Thu, Jun 29, 2017 at 10:15:52AM -0400, Abhijit Tikekar wrote:
>
> > Hi,
> >
> > Attached are the logs files, all taken for the same auth attempt.
>
> Also, if this is due to a timeout, is there any setting to control that?
krb5_auth_timeout
but please do check the logs before setting a ra
On Wed, Jun 28, 2017 at 11:09:38PM +0200, Lukas Slebodnik wrote:
> On (28/06/17 16:51), Abhijit Tikekar wrote:
> >Hi Jakub,
> >
> >Thanks for the response.
> >
> >After enabling ldap_use_tokengroups = true, "id" command is now able to
> >retrieve all the group memberships for that user. But Authent
On (28/06/17 16:51), Abhijit Tikekar wrote:
>Hi Jakub,
>
>Thanks for the response.
>
>After enabling ldap_use_tokengroups = true, "id" command is now able to
>retrieve all the group memberships for that user. But Authentication still
>doesn't work.
>
>Also tried setting ad_gpo_access_control = pe
Hi Jakub,
Thanks for the response.
After enabling ldap_use_tokengroups = true, "id" command is now able to
retrieve all the group memberships for that user. But Authentication still
doesn't work.
Also tried setting ad_gpo_access_control = permissive / access_provider =
permit but that didn't h
On Tue, Jun 27, 2017 at 01:35:18PM -0400, Abhijit Tikekar wrote:
>
> >
> > Hi,
> >
> > We are running into some SSSD authentication issues and would really
> > appreciate any advice. Here’s some background:
> >
> > Until now, all CentOS machines which use SSSD were joined to the same
> > do
