> Date: Tue, 1 Oct 2013 20:43:54 +0200
> From: jhro...@redhat.com
> To: sssd-users@lists.fedorahosted.org
> Subject: Re: [SSSD-users] authenticating against all sub-domains in AD forest
>
> On Sun, Sep 29, 2013 at 02:41:11PM +0100, a t wrote:
> > Hi,
> >
> > That user, test.user, is in the subdomain a.domain.org.
> >
> > Thr logs mark domain.org as a subdomain of b.domain.org. however, this is
> > not correct - domain.org is the root domain of which b.domain.org is a
> > subdomain. We do not have users in the root domain. All users are in other
> > subdomains.
> >
> > I believe the user I tested in another subdomain, mhunt.t...@a.domain.org
> > did not show in the logs. When I tried to log in with
> > mhunt.t...@a.domain.org the logs show that sssd believes that domain "a" is
> > a subdomain if b.domain.org rather than another subdomain of domain.org.
> >
> > I might have to ask if I can send un-obfuscated incase I am adding in
> > confusion!
> >
> > Thanks,
> >
> > Matthew
>
> Interesting, I see no fatal erorr in the domain log, then. Could you
> also paste the tail of /var/log/secure after the auth and also put
> debug_level directive into the [pam] section as well?
>
> If you prefer, you can send the logs directly to me without obfuscation.
> _______________________________________________
> sssd-users mailing list
> sssd-users@lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/sssd-users
Hi,
I'll send the logs direct, thank you. I have debug_level = 8. Is that Ok or too
chatty?
Thanks,
Matthew
_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
