A small group of us have been trying to get our Ubuntu hosts fully
integrated into AD using sssd. We have slowly chipped away at the
issues. We believe we are left with one major issue, when we try to
login with SSH we get 4: (System error).
The host is Ubuntu 16.04.1, up to date as of today, so sssd
1.13.4-1ubuntu1. All PAM files are the defaults.
We used the `realm` command to join AD:
realm -v join
tou.t3.ucdavis.edu -U MyAdminAccount(a)TOU.T3.UCDAVIS.EDU
Our AD is set up with
TOU.T3.UCDAVIS.EDU as a child domain in the same
forest as the parent domain,
T3.UCDAVIS.EDU, with users in
T3.UCDAVIS.EDU and computers and groups in
TOU.T3.UCDAVIS.EDU.
All sssd logs (debug_level = 9) and config files are here:
https://descolada.ucdavis.edu/415bfd2c-b0fa-11e6-97b8-3417ebb1df52/
The timing that generated those log files:
13:02: Clear logs, restart sssd
13:03: id omen
13:04: ssh omen@ (correct password, 4 (System error))
In /var/log/auth.log:
Nov 22 13:04:41 phys-adtest sshd[29803]: pam_unix(sshd:auth): authentication failure;
logname= uid=0 euid=0 tty=ssh ruser= rhost=169.237.42.193 user=omen
Nov 22 13:04:42 phys-adtest sshd[29803]: pam_sss(sshd:auth): authentication failure;
logname= uid=0 euid=0 tty=ssh ruser= rhost=169.237.42.193 user=omen
Nov 22 13:04:42 phys-adtest sshd[29803]: pam_sss(sshd:auth): received for user omen: 4
(System error)
Nov 22 13:04:43 phys-adtest sshd[29803]: Failed password for omen from 169.237.42.193
port 42414 ssh2: RSA SHA256:FJYFiUaVTKvx6cL9QG07WURCN/hqRLMZ1WvZCSJXN/g
13:05: ssh omen@ (incorrect password)
In /var/log/auth.log:
Nov 22 13:05:34 phys-adtest sshd[29823]: pam_unix(sshd:auth): authentication failure;
logname= uid=0 euid=0 tty=ssh ruser= rhost=169.237.42.193 user=omen
Nov 22 13:05:34 phys-adtest sshd[29823]: pam_sss(sshd:auth): authentication failure;
logname= uid=0 euid=0 tty=ssh ruser= rhost=169.237.42.193 user=omen
Nov 22 13:05:34 phys-adtest sshd[29823]: pam_sss(sshd:auth): received for user omen: 17
(Failure setting user credentials)
Nov 22 13:05:37 phys-adtest sshd[29823]: Failed password for omen from 169.237.42.193
port 42434 ssh2: RSA SHA256:FJYFiUaVTKvx6cL9QG07WURCN/hqRLMZ1WvZCSJXN/g
Nov 22 13:05:38 phys-adtest sshd[29823]: Connection closed by 169.237.42.193 port 42434
[preauth]
13:06: systemctl stop sssd
Thanks!
Omen
--
Omen Wild
Systems Administrator
Metro Cluster