Questions tagged [sssd]
The sssd tag has no usage guidance.
87
questions
16
votes
1
answer
48k
views
Ubuntu 20.10 sssd (System Security Services Daemon) failure
Don't know why, but they decided to add sssd (System Security Services Daemon) to the standard Ubuntu 20.10 upgrade and fresh install. It fails to start, and generates lots of error messages. It's not ...
- 71.3k
7
votes
5
answers
38k
views
Edit Sudoers file to allow sudo rights to a AD domain group
I recently managed to get my Ubuntu Server 18.04 machine connected to my companies Windows AD. I am able to login with my AD credentials however I want to take it a step further...
This is the ...
- 105
7
votes
1
answer
7k
views
Why is sssd an unrecognized service, even though it is installed and can be restarted?
Why is sssd an unrecognized service, even though it is installed and can be restarted?
BTW: This concerns Ubuntu 14.04.1 LTS, it was not like that in 12.04
I will show what I mean below, I think it is ...
- 838
7
votes
0
answers
21k
views
Having SSSD problems at boot since upgrading to 20.10 [duplicate]
I recently upgraded to Ubuntu (Gnome) 20.10 and ever since I have lots of messages like
SSSD failed to start system security daemon
dependency failed for PAM security socker
... and some more ...
- 215
4
votes
2
answers
7k
views
SSSD with LDAP makes apparmor very noisy in syslog
When loging in with SSSD configured against LDAP, syslog becomes very noisy with apparmor messages. This is somewhat annoying when scanning the logs for valuable information.
Maybe someone already ...
- 41
3
votes
1
answer
2k
views
snap applications without permissions to write to home directory when using sssd
I have set up sssd and joined my 18.04 LTS workstation to the company domain. Most things work OK except for a couple of snap applications. When trying to run them I get errors creating files in ~/...
- 93
3
votes
1
answer
3k
views
Ubuntu 18.04.3: Windows Domain Join Guide
Good day. Over the last few days I have gone through every guide I could find for joining Ubuntu 18.04 to a windows domain. I have what I think is a working guide after much trial and error. Would ...
3
votes
0
answers
2k
views
Getting specific errors on sssd? What does it mean and how to fix?
When I run systemctl status sssd I either get one of two messages. Can anyone tell me what this means and how to fix it?
● sssd.service - System Security Services Daemon
Loaded: loaded (/lib/...
- 41
2
votes
1
answer
2k
views
sssd windows domain users does not have privileges over the ubuntu gui
ive currently installed a fresh ubuntu 16.04 and joined it to the domain using SSSD and realmd following this walk through:
http://www.wolffhaven45.com/active-directory/...
- 21
2
votes
2
answers
10k
views
Active Directory users unable to change passwords [SSSD]
I've set up an Ubuntu 16.04 system to join a AD domain following the instruction set here.
I can login with AD users and everything is working correctly there, however AD users are unable to change ...
- 21
2
votes
1
answer
5k
views
How to add an AD group members to a local group
I already have the AD integration working via sssd where a user logging in is a member of one of two AD groups. They are able to ssh into the server and if it's their first login they're granted ...
- 234
2
votes
0
answers
343
views
Active Directory SSSD - Change Password on GDM login Screen
Looking to see if I can expand the capabilities of the SSSD/AD system with GDM, or SDDM.
We want users to be able to change their Active Directory password through our Ubuntu machines, if their ...
2
votes
1
answer
16k
views
Sssd.service Ubuntu 20.04 Desktop Problem
I tried the installs on Ubuntu 18 and 16 Desktop and Server versions and it worked. I think the only problem is with ubuntu 20.04 Desktop. Device MacBook Pro 2015 13 inches.
Şub 12 17:16:35 User ...
- 21
2
votes
0
answers
193
views
sssd got killed due to segfault in ubuntu 16.04
SSSD.LOG
--------------
(Sun Jun 14 20:23:53 2020) [sssd] [mt_svc_sigkill] (0x0010): [pam][13305] is not responding to SIGTERM. Sending SIGKILL.
(Sun Jun 14 20:29:34 2020) [sssd] [...
- 21
2
votes
2
answers
2k
views
Wrong start and expire date in credentials cache after kerberos auth
I log in to Ubuntu 18.04 successfully with kerberos/sssd authentification in an ActiveDirectory domain.
Since a few days I have an issue using my kerberos ticket/credentials cache to auth with some ...
2
votes
0
answers
933
views
LDAP configuraton issue
I'm trying to set up login via LDAP and AD. I can do user ID and group lookups (id my_user). Problem is when I’m trying to login with an AD/LDAP account via SSH for example.
From /var/log/auth.log:
...
- 21
1
vote
1
answer
9k
views
SSSD with AD: use UID/GID specified on domain server instead of something random?
I have an AD environment with IDMU and specified UID/GID for my domain users. SSSD-connected domain user does not share the same UID/GID on Ubuntu as AD.
Here's the default unedited sssd.conf in ...
- 1,286
1
vote
1
answer
7k
views
ubuntu 20 broke samba using sssd
I am using Ubuntu (server) with SSSD to join active directory domain. (using realm join to join the server to the domain)
The only settings (other than shares) I change in smb.conf are the following:
...
- 111
1
vote
2
answers
567
views
customize user profile with ubuntu 22.04 in ad domain with sssd
I have joined an ubuntu 22.04 workstation in an AD domain with SSSD.
But I cannot customize the desktop or the screen resolution for domain users.
I tried to put in /etc/skel but it didn't work as if ...
- 21
1
vote
1
answer
325
views
Logins like [email protected] cause profile files to be owned by root
The users at my school are used to logging in to email, windows etc with a login [email protected] (authenticated with Active Directory via LDAP). Unfortunately this is causing havoc and corrupting ...
- 201
1
vote
1
answer
3k
views
SSSD (LDAP) sudo password with ssh key based login
I'm trying to get an OpenLDAP server up and running a small set of servers. Some of the users naturally need root/sudo access.
The OpenLDAP is setup to use ssh keys for login using https://github.com/...
1
vote
1
answer
6k
views
SFTP with Active Directory authentication (RealmD and SSSD)
What it should look like:
My Ubuntu VM is connected through SSSD to my Active Directory Server. I want an SFTP Server that jails incomming Users that have a specific AD Group (USR-SFTP@domain) ...
- 106
1
vote
1
answer
838
views
Is it still possible to authenticate and authorize 20.04 against an unencrypted LDAP server?
20.04/'Focal Fossa' uses sssd to handle authentication, authorization, and user and group information against LDAP.
Nevertheless, sssd does not support authentication over an unencrypted channel.
I ...
- 41
1
vote
2
answers
2k
views
16.04 LTS Active Directory Integration with SSSD - authentication no longer working
By following this documentation, I succesfully joined my Ubuntu 16.04 LTS servers to my Active Directory running a pair of Windows 2016 domain controllers. It has been working for about two weeks but ...
- 21
1
vote
1
answer
6k
views
SSSD list allowed users only
With nscd/nslcd authentication scheme, it was possible to get a list of allowed users issuing this command: getent passwd
How can this be achieved with SSSD? There is an option enumeration,
but this ...
- 3,300
1
vote
1
answer
7k
views
Can't login to Active Directory although Ubuntu 22.04.3 is joined to Active Directory successfully
I have an Active Directory setup on a physical server Windows Server 2022 Datacenter Edition. I'm trying to join an Ubuntu 22.04.3 virtual machine to that AD. I follow the guide at this link (https://...
- 11
1
vote
0
answers
76
views
sssd do not use corporate domain in PTR record when deployed with vSphere
We have a workflow that deploy Ubuntu 20.04.5 LTS in vSphere VM with automatic AD integration using the following commands:
#!/bin/bash
if [ x$1 == x"precustomization" ]; then
rm -v /...
- 11
1
vote
0
answers
842
views
22.04 Samba with AD user - cannot access from Windows
Fresh 22.04 install. Only other configuration is NFS (which is working). Directories are 777. Configuration files:
sssd.conf
[sssd]
domains = home.net
config_file_version = 2
services = nss, pam
[...
- 11
1
vote
1
answer
680
views
Firefox on Ubuntu 20.04 gets "you do not have proper permissions" when downloading a file to an NFS mount
I'm running a number of Ubuntu 20.04 Desktop VMs at work, and each of them is having an issue with only Firefox when a user tries to download a file.
So, some context first on how our Ubuntu VMs are ...
- 11
1
vote
0
answers
1k
views
sssd-pac.service crashes periodically on Ubuntu 20.04
We are using the RedHat IdM 7 and have bound our server systems for central user management to our IdM cluster. We have recognized on our Ubuntu 20.04 systems that the sssd-pac.service crashes ...
- 111
1
vote
0
answers
2k
views
Ubuntu 20.04 LTS sssd update from 2.2.3-3ubuntu0.4 to 2.2.3-3ubuntu0.6 broke AD logins
I have a number of servers running Ubuntu 20.04 LTS joined to Windows Active Directory via this procedure - https://www.server-world.info/en/note?os=Ubuntu_20.04&p=realmd
Over this weekend, I ran ...
- 11
1
vote
1
answer
2k
views
Domain AD users aren't get discovered after adding Ubuntu under AD domain control
I've Joined a my ad domain with my Ubuntu 20.04.2 LTS VM (I followed this doc) and I'veJoined the AD domain with Ubuntu as
sudo realm join -U Administrator win2016.local
realm list show below output
...
- 111
1
vote
1
answer
2k
views
What does this Upgrade error means?
I get this error below when i just run sudo apt-get updata and sudo apt-get upgrade:
Setting up sssd-common (2.3.1-3ubuntu4) ...
Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing ...
- 1,977
1
vote
1
answer
3k
views
Systemd stuck looping through sssd daemon
I recently applied this fix to my fairly recent install of Ubuntu 20.4 on my Raspberry PI 4 in an attempt to correct this sssd bug.
I ran the following commands:
sudo cp /usr/lib/aarch64-linux-gnu/...
- 13
1
vote
1
answer
2k
views
LDAP authentication on Ubuntu 18.04
context
I'm trying to configure LDAP authentication on an Ubuntu 18.04 machine.
steps to reproduce
In order to do that, I followed the following steps:
apt install sssd libpam-sss libnss-sss
create ...
- 133
1
vote
0
answers
3k
views
SSSD with AD: How can I ensure AD groups not missing when ldap_id_mapping = False?
Why does altering ldap_id_mapping present different group memberships on the same AD user?
I was hoping to have my UID/GID be the same as AD with IDMU: SSSD with AD: use UID/GID specified on domain ...
- 1,286
1
vote
0
answers
630
views
SSSD Active Directory Integration with VSFTPD
My goal is to setup VSFTPD with AD authentication via SSSD. I ran through the article on Ubuntu's website here https://ubuntu.com/server/docs/service-sssd. I was able to join my domain, however ...
- 111
1
vote
0
answers
610
views
Strange behavior with pam_mount
i have a strange behavior with pam_mount on an Ubuntu 20.04 (firsch installed). The client authenticates to an ADS (UCS server 4.4) with Kerberos. The client has joined the domain and I can login with ...
- 31
1
vote
0
answers
3k
views
SSSD service not working to join Active Directory - Ubuntu 18.04 LTS
I'm a new user of Ubuntu. I want that my Ubuntu desktop could join Windows AD domain.When I try to join Active Directory with the procedure SSSD and Active Directory from Ubuntu Documentation. I'm in ...
- 21
1
vote
0
answers
1k
views
SSSD with "ldap_id_mapping = false" will fail to start, clearing /var/lib/sss/db/* and restarting service does not resolve
I’m working through a strange issue with SSSD on Ubuntu 18.04 - Unit is bound to the domain using Realmd, with SSSD as the primary authentication management service. If I change the line: ...
- 11
1
vote
1
answer
854
views
how to fix sssd segfault on ubuntu 18.04.02?
I've got an Ubuntu 18.04.02 server running samba and sssd with a decent load on it, between 300-400 active users during the day. I put it in Sunday, and it has worked fine until today the system ...
- 11
1
vote
0
answers
602
views
How can i use sudo for freeipa user in ubuntu?
I have installed Freeipa client on Ubuntu, I am able to login using remote user credentials. But the challenge is that I'm not able to run sudo with the remote user.
I have tried editing the /etc/...
1
vote
0
answers
2k
views
"user NOT in sudoers" when using RealmD, SSSD
Recently began joining our Ubuntu server to the domain for authentication. For the most part I have been successful and believe to have all configs identical on each system. However, ran into two ...
- 11
1
vote
1
answer
3k
views
Issue for restricting SSH access from a Windows AD Group (using sssd)
I joined a ubuntu 16.04 server to my Windows AD for SSH authentication. It works fine until I want to restrict access to a specific group with sssd
here's the content of my /etc/sssd/sssd.conf
[sssd]...
- 11
0
votes
2
answers
898
views
Why SSSD Service override_homedir triggers creation of home directory with wrong permissions?
I have a vendor application installed in an Ubuntu Jammy server that relies on SSSD v2.6.3 configured for LDAP integration for the authentication and creation of the home directory of the user in the ...
0
votes
1
answer
1k
views
Ubuntu Budgie 22.04 disable users list
I've just installed the pretty Budgie 22.04 on my workstation.
Users list comes from SSSD Ldap integration, but only local users show in login screen.
I've tried various things to hide the users list (...
0
votes
1
answer
2k
views
Error Ubuntu 18.04.02 LTS with add domain
We have an issue with Ubuntu 18.04.02 LTS.
We are trying to add domain and we can't.
Feb 18 09:32:26 nginx sshd[8383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ...
- 54
0
votes
1
answer
924
views
Get pwd EXPIRE_DATE
I am trying to get EXPIRE_DATE of pwd for an active directory user in ubuntu.
I can get information about the user with lslogins user but no information about password expire dates that are set in AD.
...
0
votes
1
answer
1k
views
How to prevent sssd package from modifying nsswitch.conf
We are running sssd on a number of Xenial servers to authenticate against Active Directory.
Upon installation, the sssd package added sss to most lines in /etc/nsswitch.conf as documented in https://...
- 3,636
0
votes
0
answers
49
views
Can't login with Active Directory credentials on Ubuntu GUI mode (Failed to start session)
I have Windows Server 2022 and Ubuntu Server 24.04. Ubuntu Server is joined to Windows Server successfully, but I can't login to GUI on Ubuntu Server.
In terminal all work`s fine and I can login with ...
- 11