[domain\xxx.pvt]


Is the backslash valid here? I am sure an expert will say yes..


You are well aware that RHEL 5 is out  of support lifetime?

I would imagine that you have some critical applications which run on these machines though.





From: Laack, Andrea P <Andrea.Laack@BSWHealth.org>
Sent: 18 July 2018 21:13:47
To: sssd-users@lists.fedorahosted.org
Subject: [SSSD-users] problems with sssd-1.9
 

I have been tasked with joining a number of redhat/centos 5 servers to a domain.  I found sssd-1.9 that would allow id_provider ad.  This is Centos 5.11.

 

Here is what I got:

 

[root@testcentos5 db]# /usr/sbin/sssd -i -d9

(Wed Jul 18 13:18:49:136142 2018) [sssd] [ldb] (0x0400): server_sort:Unable to register control with rootdse!

(Wed Jul 18 13:18:49:137532 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 0)

(Wed Jul 18 13:18:49:137857 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:137962 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:138029 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:138161 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:138226 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:138343 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:138404 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:138502 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:138660 2018) [sssd] [confdb_create_ldif] (0x0400): Processing config section [sssd]

(Wed Jul 18 13:18:49:138784 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [config_file_version]

(Wed Jul 18 13:18:49:138870 2018) [sssd] [confdb_create_ldif] (0x4000): config_file_version: 2

(Wed Jul 18 13:18:49:138945 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [domains]

(Wed Jul 18 13:18:49:139034 2018) [sssd] [confdb_create_ldif] (0x4000): domains: xxx.pvt

(Wed Jul 18 13:18:49:139130 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [services]

(Wed Jul 18 13:18:49:139214 2018) [sssd] [confdb_create_ldif] (0x4000): services: nss, pam

(Wed Jul 18 13:18:49:139295 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [debug_level]

(Wed Jul 18 13:18:49:139374 2018) [sssd] [confdb_create_ldif] (0x4000): debug_level: 9

(Wed Jul 18 13:18:49:139539 2018) [sssd] [confdb_create_ldif] (0x4000): Section dn

dn: cn=sssd,cn=config

cn: sssd

config_file_version: 2

domains: xxx.pvt

services: nss, pam

debug_level: 9

 

(Wed Jul 18 13:18:49:139873 2018) [sssd] [confdb_create_ldif] (0x0400): Processing config section [nss]

(Wed Jul 18 13:18:49:139972 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [debug_level]

(Wed Jul 18 13:18:49:140046 2018) [sssd] [confdb_create_ldif] (0x4000): debug_level: 9

(Wed Jul 18 13:18:49:140113 2018) [sssd] [confdb_create_ldif] (0x4000): Section dn

dn: cn=nss,cn=config

cn: nss

debug_level: 9

 

(Wed Jul 18 13:18:49:140193 2018) [sssd] [confdb_create_ldif] (0x0400): Processing config section [domain\xxx.pvt]

(Wed Jul 18 13:18:49:140280 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [fallback_homedir]

(Wed Jul 18 13:18:49:140372 2018) [sssd] [confdb_create_ldif] (0x4000): fallback_homedir: /home/%u

(Wed Jul 18 13:18:49:140372 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [default_shell]

(Wed Jul 18 13:18:49:140372 2018) [sssd] [confdb_create_ldif] (0x4000): default_shell: /bin/bash

(Wed Jul 18 13:18:49:140372 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [ad_domain]

(Wed Jul 18 13:18:49:140377 2018) [sssd] [confdb_create_ldif] (0x4000): ad_domain: xxx.pvt

(Wed Jul 18 13:18:49:140453 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [krb5_realm]

(Wed Jul 18 13:18:49:140536 2018) [sssd] [confdb_create_ldif] (0x4000): krb5_realm: xxx.PVT

(Wed Jul 18 13:18:49:140613 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [krb5_server]

(Wed Jul 18 13:18:49:140690 2018) [sssd] [confdb_create_ldif] (0x4000): krb5_server: xxxxc02.xxx.pvt

(Wed Jul 18 13:18:49:140765 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [auth_provider]

(Wed Jul 18 13:18:49:140842 2018) [sssd] [confdb_create_ldif] (0x4000): auth_provider: krb5

(Wed Jul 18 13:18:49:141316 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [cache_credentials]

(Wed Jul 18 13:18:49:141640 2018) [sssd] [confdb_create_ldif] (0x4000): cache_credentials: True

(Wed Jul 18 13:18:49:141839 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [id_provider]

(Wed Jul 18 13:18:49:141945 2018) [sssd] [confdb_create_ldif] (0x4000): id_provider: ad

(Wed Jul 18 13:18:49:142023 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [ad_server]

(Wed Jul 18 13:18:49:142102 2018) [sssd] [confdb_create_ldif] (0x4000): ad_server: xxxxc01, xxxxc01, xxxxc01, xxxxc02, xxxxc03

(Wed Jul 18 13:18:49:142186 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [krb5_store_password_if_offline]

(Wed Jul 18 13:18:49:142267 2018) [sssd] [confdb_create_ldif] (0x4000): krb5_store_password_if_offline: True

(Wed Jul 18 13:18:49:142344 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [access_provider]

(Wed Jul 18 13:18:49:142357 2018) [sssd] [confdb_create_ldif] (0x4000): access_provider: simple

(Wed Jul 18 13:18:49:142357 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [ldap_schema]

(Wed Jul 18 13:18:49:142435 2018) [sssd] [confdb_create_ldif] (0x4000): ldap_schema: ad

(Wed Jul 18 13:18:49:142518 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [ldap_id_mappings]

(Wed Jul 18 13:18:49:142599 2018) [sssd] [confdb_create_ldif] (0x4000): ldap_id_mappings: True

(Wed Jul 18 13:18:49:142675 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [simple_allow_groups]

(Wed Jul 18 13:18:49:142753 2018) [sssd] [confdb_create_ldif] (0x4000): simple_allow_groups: linux@admins@xxx.pvt

(Wed Jul 18 13:18:49:142829 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [simple_allow_users]

(Wed Jul 18 13:18:49:142922 2018) [sssd] [confdb_create_ldif] (0x4000): simple_allow_users: rapid7scan@xxx.pvt

(Wed Jul 18 13:18:49:143005 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [debug_level]

(Wed Jul 18 13:18:49:143079 2018) [sssd] [confdb_create_ldif] (0x4000): debug_level: 9

(Wed Jul 18 13:18:49:143166 2018) [sssd] [confdb_create_ldif] (0x4000): Section dn

dn: cn=domain\xxx.pvt,cn=config

cn: domain\xxx.pvt

fallback_homedir: /home/%u

default_shell: /bin/bash

ad_domain: xxx.pvt

krb5_realm: XXX.PVT

krb5_server: xxx02.xxx.pvt

auth_provider: krb5

cache_credentials: True

id_provider: ad

ad_server: xxxxc01, xxxxc01, xxxxc01, xxxxc02, xxxxc03

krb5_store_password_if_offline: True

access_provider: simple

ldap_schema: ad

ldap_id_mappings: True

simple_allow_groups: linux@admins@xxx.pvt

simple_allow_users: rapid7scan@xxx.pvt

debug_level: 9

 

(Wed Jul 18 13:18:49:143281 2018) [sssd] [confdb_init_db] (0x1000): LDIF file to import:

dn: cn=config

version: 2

 

dn: cn=sssd,cn=config

cn: sssd

config_file_version: 2

domains: xxx.pvt

services: nss, pam

debug_level: 9

 

dn: cn=nss,cn=config

cn: nss

debug_level: 9

 

dn: cn=domain\bhcs.pvt,cn=config

cn: domain\bhcs.pvt

fallback_homedir: /home/%u

default_shell: /bin/bash

ad_domain: xxx.pvt

krb5_realm: XXX.PVT

krb5_server: xxxxxdc02.xxx.pvt

auth_provider: krb5

cache_credentials: True

id_provider: ad

ad_server: xxxxxc01, xxxxxc01, xxxxxc01, xxxxxc02, xxxxxc03

krb5_store_password_if_offline: True

access_provider: simple

ldap_schema: ad

ldap_id_mappings: True

simple_allow_groups: linux@admins@xxx.pvt

simple_allow_users: rapid7scan@xxx.pvt

debug_level: 9

 

(Wed Jul 18 13:18:49:143420 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:143639 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:143862 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:143983 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:144062 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:144166 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:144275 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:144372 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:144520 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:144805 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)

(Wed Jul 18 13:18:49:158827 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 0)

(Wed Jul 18 13:18:49:159670 2018) [sssd] [add_implicit_services] (0x0040): id_provider is not set for domain [xxx.pvt], trying next domain.

(Wed Jul 18 13:18:49:159863 2018) [sssd] [confdb_get_domain_internal] (0x0010): Unknown domain [xxx.pvt]

(Wed Jul 18 13:18:49:159970 2018) [sssd] [confdb_get_domains] (0x0010): Error (2 [No such file or directory]) retrieving domain [xxx.pvt], skipping!

(Wed Jul 18 13:18:49:160014 2018) [sssd] [confdb_get_domains] (0x0010): No properly configured domains, fatal error!

(Wed Jul 18 13:18:49:160068 2018) [sssd] [get_monitor_config] (0x0010): No domains configured.

(Wed Jul 18 13:18:49:160179 2018) [sssd] [main] (0x0020): Error loading configuration database: [2]: No such file or directory

 

 

Sssd.conf

 

[sssd]

config_file_version = 2

domains = bhcs.pvt

services = nss, pam

debug_level = 9

 

 

[nss]

debug_level = 9

 

[domain\xxx.pvt]

fallback_homedir = /home/%u

default_shell = /bin/bash

ad_domain = xxx.pvt

krb5_realm = xxx.PVT

krb5_server = xxxxc02.bhcs.pvt

auth_provider = krb5

cache_credentials = True

id_provider = ad

ad_server = xxxxc01, xxxxc01, xxxxdc01, xxxxdc02, xxxxc03

krb5_store_password_if_offline = True

access_provider = simple

ldap_schema = ad

ldap_id_mappings = True

# ldap_sasl_mech=GSSAPI

simple_allow_groups = linux@admins@xxx.pvt

simple_allow_users = rapid7scan@xxx.pvt

debug_level = 9

 

 

Would appreciate any assistance you could offer.

 

Thanks

Andrea

 

 

Andrea Laack 

Host Systems

 

2401 S. 31st Street

Temple, TX  76508

Mailstop: MS-2-1.41

Office:  254-724-9490

andrea.laack@bswhealth.org

 

           

 

 


The information contained in this e-mail may be privileged and/or confidential, and protected from disclosure, and no waiver of any attorney-client, work product, or other privilege is intended. If you are the intended recipient, further disclosures are prohibited without proper authorization. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden and possibly a violation of federal or state law and regulations. The sender and Baylor Scott & White Health, and its affiliated entities, hereby expressly reserve all privileges and confidentiality that might otherwise be waived as a result of an erroneous or misdirected e-mail transmission. No employee or agent is authorized to conclude any binding agreement on behalf of Baylor Scott & White Health, or any affiliated entity, by e-mail without express written confirmation by the CEO, the Senior Vice President of Supply Chain Services or other duly authorized representative of Baylor Scott & White Health.