Yes -- it does look like something strange happened with time on the server during provisioning, which might cause this issue. I'm looking into why time shifted.

On Tue, Mar 29, 2016 at 11:15 AM, Lukas Slebodnik <lslebodn@redhat.com> wrote:
On (29/03/16 10:48), Chadwick Banning wrote:
>There are settings in the sssd.conf file that aren't in the ldbsearch
>output or that have the wrong values in the output:
>
>
>[root@host ~]# cat /etc/sssd/sssd.conf
>
>[domain/domain.com]
>
>access_provider = simple
>
>ad_domain = domain.com
>
>ad_hostname = host.domain.com
>
>cache_credentials = true
>
>debug_level = 6
>
>default_shell = /bin/bash
>
>dyndns_update = false
>
>fallback_homedir = /home/%u
>
>id_provider = ad
>
>krb5_realm = DOMAIN.COM <http://domain.com/>
>
>krb5_store_password_if_offline = true
>
>ldap_id_mapping = true
>
>realmd_tags = manages-system joined-with-adcli
>
>simple_allow_groups = Group1
>
>use_fully_qualified_names = false
>
>
>
>[sssd]
>
>config_file_version = 2
>
>domains = domain.com
>
>override_space = _
>
>services = nss,pam
>
>
>
>[root@host ~]# ldbsearch -H /var/lib/sss/db/config.ldb
>
>server_sort:Unable to register control with rootdse!
>
># record 1
>
>dn: cn=sssd,cn=config
>
>cn: sssd
>
>config_file_version: 2
>
>domains: domain.com
>
>services: nss, pam
>
>distinguishedName: cn=sssd,cn=config
>
>
>
># record 2
>
>dn: cn=config
>
>version: 2
>
>lastUpdate: 1459260529
>
Are you really sure that sssd was restarted after changing sssd.conf?
The attribute lastUpdate says taht sssd.conf was changed at
"Tuesday, 29-Mar-16 14:08:49 UTC"

Your timezeone seems to be -4:00 according to mail header.

But in your previous mail configuration file was changed
earlier (13:29:58 UTC)


Mar 29 09:29:58 localhost puppet-agent[2865]:
(Class[Realmd::Sssd::Service]) Scheduling refresh of Service[sssd]

Mar 29 09:29:58 localhost systemd: Stopping System Security Services
Daemon...

Mar 29 09:29:58 localhost sssd[nss]: Shutting down

Mar 29 09:29:58 localhost sssd[be[domain.com]]: Shutting down

Mar 29 09:29:58 localhost sssd[pam]: Shutting down

Mar 29 09:29:58 localhost systemd: Starting System Security Services
Daemon...

Mar 29 09:29:58 localhost sssd: Starting up

Mar 29 09:29:58 localhost sssd[be[domain.com]]: Starting up

Mar 29 09:29:59 localhost sssd[nss]: Starting up

Mar 29 09:29:59 localhost sssd[pam]: Starting up

Mar 29 09:29:59 localhost systemd: Started System Security Services Daemon.


Is it possible that sssd.conf was changed more often with different versions ?

LS
_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-users@lists.fedorahosted.org



--
Chadwick Banning