I'm using SSSD and Google LDAP. My users can log in (via Tailscale SSH, if that matters),
but after being logged in for a while they get errors like:
No user exists for uid 61270005
If they log out and log back in things work. Some users have reported that just waiting
without logging out / in also resolves the issue.
Any suggestions as to how to debug or fix?
Here's my sssd.conf:
[sssd]
services = nss, pam
domains = example.org
[domain/example.org]
create_homedir = true
auto_private_groups = true
cache_credentials = true
ldap_tls_cert = /etc/ldap/ldap-client.crt
ldap_tls_key = /etc/ldap/ldap-client.key
ldap_uri = ldaps://ldap.google.com
ldap_search_base = dc=example,dc=org
id_provider = ldap
auth_provider = ldap
ldap_schema = rfc2307bis
ldap_user_uuid = entryUUID
ldap_groups_use_matching_rule_in_chain = true
ldap_initgroups_use_matching_rule_in_chain = true
[pam]
offline_credentials_expiration = 1
Here's nsswitch.conf:
passwd: files systemd sss
group: files systemd sss
shadow: files sss
gshadow: files
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: files sss