Hello, I am having problems trying to get SSSD to work with RHEL 5 to authenticate against a Microsoft AD 2008. I did a manual complile/install of Kerberos 1.9.4 to use with SSSD 1.8.2., because I understand that the kerberos must be greater than 1.7. A "getent passwd username" is unsuccessful. This is the output is the /var/log/sssd/ldap_child.log.
(Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [main] (0x0400): ldap_child started. (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [unpack_buffer] (0x1000): total buffer size: 67 (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [unpack_buffer] (0x1000): realm_str size: 12 (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [unpack_buffer] (0x1000): got realm_str: REALM.COM (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [unpack_buffer] (0x1000): princ_str size: 23 (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [unpack_buffer] (0x1000): got princ_str: [email protected] (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [unpack_buffer] (0x1000): keytab_name size: 16 (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [unpack_buffer] (0x1000): got keytab_name: /etc/krb5.keytab (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [unpack_buffer] (0x1000): lifetime: 86400 (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [ldap_child_get_tgt_sync] (0x0100): Principal name is: [[email protected]] (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [sss_krb5_get_init_creds_opt_set_canonicalize] (0x0040): Kerberos principal canonicalization is not available! (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [ldap_child_get_tgt_sync] (0x0010): Failed to init credentials: Key table entry not found (Fri Sep 7 16:49:39 2012) [[sssd[ldap_child[9473]]]] [main] (0x0020): ldap_child_get_tgt_sync failed. Haven't been able to figure out what is wrong so far. Can someone help? John _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
