> From: firstname.lastname@example.org > To: email@example.com > Subject: Re: [SSSD-users] authenticating against all sub-domains in AD forest > > On Sun, Sep 29, 2013 at 02:41:11PM +0100, a t wrote: > > Hi, > > > > That user, test.user, is in the subdomain a.domain.org. > > > > Thr logs mark domain.org as a subdomain of b.domain.org. however, this is not correct - domain.org is the root domain of which b.domain.org is a subdomain. We do not have users in the root domain. All users are in other subdomains. > > > > I believe the user I tested in another subdomain, firstname.lastname@example.org did not show in the logs. When I tried to log in with email@example.com the logs show that sssd believes that domain "a" is a subdomain if b.domain.org rather than another subdomain of domain.org. > > > > I might have to ask if I can send un-obfuscated incase I am adding in confusion! > > > > Thanks, > > > > Matthew > > Interesting, I see no fatal erorr in the domain log, then. Could you > also paste the tail of /var/log/secure after the auth and also put > debug_level directive into the [pam] section as well? > > If you prefer, you can send the logs directly to me without obfuscation. > _______________________________________________ > sssd-users mailing list > firstname.lastname@example.org > https://lists.fedorahosted.org/mailman/listinfo/sssd-users
I'll send the logs direct, thank you. I have debug_level = 8. Is that Ok or too chatty?