Sssd-maintainers February 2023

sssd-maintainers@lists.fedoraproject.org

1 participants
1 discussions

[Bug 2168743] New: Known valid Windows AD Domain credential refused for domain "joined" F37 workstation

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2168743 Bug ID: 2168743 Summary: Known valid Windows AD Domain credential refused for domain "joined" F37 workstation Product: Fedora Version: 37 Hardware: x86_64 OS: Linux Status: NEW Component: sssd Severity: high Assignee: sssd-maintainers(a)lists.fedoraproject.org Reporter: cjm(a)tryx.org QA Contact: extras-qa(a)fedoraproject.org CC: abokovoy(a)redhat.com, atikhono(a)redhat.com, jhrozek(a)redhat.com, lslebodn(a)redhat.com, luk.claes(a)gmail.com, mzidek(a)redhat.com, pbrezina(a)redhat.com, sbose(a)redhat.com, ssorce(a)redhat.com, sssd-maintainers(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Created attachment 1943194 --> https://bugzilla.redhat.com/attachment.cgi?id=1943194&action=edit /var/log/sssd/sssd_TCLC.org.log Description of problem: login:cjm@tclc.org Password: Permission denied Version-Release number of selected component (if applicable): sssd version: 2.8.2 How reproducible: 100% Steps to Reproduce: 1. Join the Fedora workstation to the Windows AD Domain 2. Log in as a user with known valid credentials. Credentials are known to be good because they have worked for ten years on a Windows workstation domain member. Actual results: login:cjm@tclc.org Password: Permission denied Expected results: login:cjm@tclc.org Password: $ Additional info: # adcli info adcli: specify a domain to discover [root@worx ~]# adcli info tclc.org [domain] domain-name = TCLC.org domain-short = TCLC domain-forest = TCLC.org domain-controller = Aequitas.TCLC.org domain-controller-site = Default-First-Site-Name domain-controller-flags = pdc gc ldap ds kdc timeserv closest writable good-timeserv full-secret ads-web domain-controller-usable = yes domain-controllers = Aequitas.TCLC.org [computer] computer-site = Default-First-Site-Name # adcli show-computer -U sa Password for sa(a)TCLC.ORG: sAMAccountName: WORX$ userPrincipalName: - not set - msDS-KeyVersionNumber: 3 msDS-supportedEncryptionTypes: 24 dNSHostName: worx.tclc.org servicePrincipalName: RestrictedKrbHost/worx.tclc.org RestrictedKrbHost/WORX host/worx.tclc.org host/WORX operatingSystem: redhat-linux-gnu operatingSystemVersion: - not set - operatingSystemServicePack: - not set - pwdLastSet: 133204401440679346 userAccountControl: 69632 description: - not set - -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2168743

3 weeks

1
20
0 / 0

← Newer
1
Older →

2023

2022

2021

2020

Sssd-maintainers February 2023