[domain\xxx.pvt]
Is the backslash valid here? I am sure an expert will say yes.
You are well aware that RHEL 5 is out of support lifetime?
I would imagine that you have some critical applications which run on these machines though.
I have been tasked with joining a number of Red Hat/CentOS 5 servers to a domain. I found sssd-1.9 that would allow id_provider ad. This is CentOS 5.11.
Here is what I got:
[root@testcentos5 db]# /usr/sbin/sssd -i -d9
(Wed Jul 18 13:18:49:136142 2018) [sssd] [ldb] (0x0400): server_sort:Unable to register control with rootdse!
(Wed Jul 18 13:18:49:137532 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 0)
(Wed Jul 18 13:18:49:137857 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:137962 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:138029 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:138161 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:138226 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:138343 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:138404 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:138502 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:138660 2018) [sssd] [confdb_create_ldif] (0x0400): Processing config section [sssd]
(Wed Jul 18 13:18:49:138784 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [config_file_version]
(Wed Jul 18 13:18:49:138870 2018) [sssd] [confdb_create_ldif] (0x4000): config_file_version: 2
(Wed Jul 18 13:18:49:138945 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [domains]
(Wed Jul 18 13:18:49:139034 2018) [sssd] [confdb_create_ldif] (0x4000): domains: xxx.pvt
(Wed Jul 18 13:18:49:139130 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [services]
(Wed Jul 18 13:18:49:139214 2018) [sssd] [confdb_create_ldif] (0x4000): services: nss, pam
(Wed Jul 18 13:18:49:139295 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [debug_level]
(Wed Jul 18 13:18:49:139374 2018) [sssd] [confdb_create_ldif] (0x4000): debug_level: 9
(Wed Jul 18 13:18:49:139539 2018) [sssd] [confdb_create_ldif] (0x4000): Section dn
dn: cn=sssd,cn=config
cn: sssd
config_file_version: 2
domains: xxx.pvt
services: nss, pam
debug_level: 9
(Wed Jul 18 13:18:49:139873 2018) [sssd] [confdb_create_ldif] (0x0400): Processing config section [nss]
(Wed Jul 18 13:18:49:139972 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [debug_level]
(Wed Jul 18 13:18:49:140046 2018) [sssd] [confdb_create_ldif] (0x4000): debug_level: 9
(Wed Jul 18 13:18:49:140113 2018) [sssd] [confdb_create_ldif] (0x4000): Section dn
dn: cn=nss,cn=config
cn: nss
debug_level: 9
(Wed Jul 18 13:18:49:140193 2018) [sssd] [confdb_create_ldif] (0x0400): Processing config section [domain\xxx.pvt]
(Wed Jul 18 13:18:49:140280 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [fallback_homedir]
(Wed Jul 18 13:18:49:140372 2018) [sssd] [confdb_create_ldif] (0x4000): fallback_homedir: /home/%u
(Wed Jul 18 13:18:49:140372 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [default_shell]
(Wed Jul 18 13:18:49:140372 2018) [sssd] [confdb_create_ldif] (0x4000): default_shell: /bin/bash
(Wed Jul 18 13:18:49:140372 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [ad_domain]
(Wed Jul 18 13:18:49:140377 2018) [sssd] [confdb_create_ldif] (0x4000): ad_domain: xxx.pvt
(Wed Jul 18 13:18:49:140453 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [krb5_realm]
(Wed Jul 18 13:18:49:140536 2018) [sssd] [confdb_create_ldif] (0x4000): krb5_realm: xxx.PVT
(Wed Jul 18 13:18:49:140613 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [krb5_server]
(Wed Jul 18 13:18:49:140690 2018) [sssd] [confdb_create_ldif] (0x4000): krb5_server: xxxxc02.xxx.pvt
(Wed Jul 18 13:18:49:140765 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [auth_provider]
(Wed Jul 18 13:18:49:140842 2018) [sssd] [confdb_create_ldif] (0x4000): auth_provider: krb5
(Wed Jul 18 13:18:49:141316 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [cache_credentials]
(Wed Jul 18 13:18:49:141640 2018) [sssd] [confdb_create_ldif] (0x4000): cache_credentials: True
(Wed Jul 18 13:18:49:141839 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [id_provider]
(Wed Jul 18 13:18:49:141945 2018) [sssd] [confdb_create_ldif] (0x4000): id_provider: ad
(Wed Jul 18 13:18:49:142023 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [ad_server]
(Wed Jul 18 13:18:49:142102 2018) [sssd] [confdb_create_ldif] (0x4000): ad_server: xxxxc01, xxxxc01, xxxxc01, xxxxc02, xxxxc03
(Wed Jul 18 13:18:49:142186 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [krb5_store_password_if_offline]
(Wed Jul 18 13:18:49:142267 2018) [sssd] [confdb_create_ldif] (0x4000): krb5_store_password_if_offline: True
(Wed Jul 18 13:18:49:142344 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [access_provider]
(Wed Jul 18 13:18:49:142357 2018) [sssd] [confdb_create_ldif] (0x4000): access_provider: simple
(Wed Jul 18 13:18:49:142357 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [ldap_schema]
(Wed Jul 18 13:18:49:142435 2018) [sssd] [confdb_create_ldif] (0x4000): ldap_schema: ad
(Wed Jul 18 13:18:49:142518 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [ldap_id_mappings]
(Wed Jul 18 13:18:49:142599 2018) [sssd] [confdb_create_ldif] (0x4000): ldap_id_mappings: True
(Wed Jul 18 13:18:49:142675 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [simple_allow_groups]
(Wed Jul 18 13:18:49:142753 2018) [sssd] [confdb_create_ldif] (0x4000): simple_allow_groups: linux@admins@xxx.pvt
(Wed Jul 18 13:18:49:142829 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [simple_allow_users]
(Wed Jul 18 13:18:49:142922 2018) [sssd] [confdb_create_ldif] (0x4000): simple_allow_users: rapid7scan@xxx.pvt
(Wed Jul 18 13:18:49:143005 2018) [sssd] [confdb_create_ldif] (0x0400): Processing attribute [debug_level]
(Wed Jul 18 13:18:49:143079 2018) [sssd] [confdb_create_ldif] (0x4000): debug_level: 9
(Wed Jul 18 13:18:49:143166 2018) [sssd] [confdb_create_ldif] (0x4000): Section dn
dn: cn=domain\xxx.pvt,cn=config
cn: domain\xxx.pvt
fallback_homedir: /home/%u
default_shell: /bin/bash
ad_domain: xxx.pvt
krb5_realm: XXX.PVT
krb5_server: xxx02.xxx.pvt
auth_provider: krb5
cache_credentials: True
id_provider: ad
ad_server: xxxxc01, xxxxc01, xxxxc01, xxxxc02, xxxxc03
krb5_store_password_if_offline: True
access_provider: simple
ldap_schema: ad
ldap_id_mappings: True
simple_allow_groups: linux@admins@xxx.pvt
simple_allow_users: rapid7scan@xxx.pvt
debug_level: 9
(Wed Jul 18 13:18:49:143281 2018) [sssd] [confdb_init_db] (0x1000): LDIF file to import:
dn: cn=config
version: 2
dn: cn=sssd,cn=config
cn: sssd
config_file_version: 2
domains: xxx.pvt
services: nss, pam
debug_level: 9
dn: cn=nss,cn=config
cn: nss
debug_level: 9
dn: cn=domain\bhcs.pvt,cn=config
cn: domain\bhcs.pvt
fallback_homedir: /home/%u
default_shell: /bin/bash
ad_domain: xxx.pvt
krb5_realm: XXX.PVT
krb5_server: xxxxxdc02.xxx.pvt
auth_provider: krb5
cache_credentials: True
id_provider: ad
ad_server: xxxxxc01, xxxxxc01, xxxxxc01, xxxxxc02, xxxxxc03
krb5_store_password_if_offline: True
access_provider: simple
ldap_schema: ad
ldap_id_mappings: True
simple_allow_groups: linux@admins@xxx.pvt
simple_allow_users: rapid7scan@xxx.pvt
debug_level: 9
(Wed Jul 18 13:18:49:143420 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:143639 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:143862 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:143983 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:144062 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:144166 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:144275 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:144372 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:144520 2018) [sssd] [ldb] (0x4000): start ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:144805 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 1)
(Wed Jul 18 13:18:49:158827 2018) [sssd] [ldb] (0x4000): commit ldb transaction (nesting: 0)
(Wed Jul 18 13:18:49:159670 2018) [sssd] [add_implicit_services] (0x0040): id_provider is not set for domain [xxx.pvt], trying next domain.
(Wed Jul 18 13:18:49:159863 2018) [sssd] [confdb_get_domain_internal] (0x0010): Unknown domain [xxx.pvt]
(Wed Jul 18 13:18:49:159970 2018) [sssd] [confdb_get_domains] (0x0010): Error (2 [No such file or directory]) retrieving domain [xxx.pvt], skipping!
(Wed Jul 18 13:18:49:160014 2018) [sssd] [confdb_get_domains] (0x0010): No properly configured domains, fatal error!
(Wed Jul 18 13:18:49:160068 2018) [sssd] [get_monitor_config] (0x0010): No domains configured.
(Wed Jul 18 13:18:49:160179 2018) [sssd] [main] (0x0020): Error loading configuration database: [2]: No such file or directory
sssd.conf:
[sssd]
config_file_version = 2
domains = bhcs.pvt
services = nss, pam
debug_level = 9
[nss]
debug_level = 9
[domain\xxx.pvt]
fallback_homedir = /home/%u
default_shell = /bin/bash
ad_domain = xxx.pvt
krb5_realm = xxx.PVT
krb5_server = xxxxc02.bhcs.pvt
auth_provider = krb5
cache_credentials = True
id_provider = ad
ad_server = xxxxc01, xxxxc01, xxxxdc01, xxxxdc02, xxxxc03
krb5_store_password_if_offline = True
access_provider = simple
ldap_schema = ad
ldap_id_mappings = True
# ldap_sasl_mech=GSSAPI
simple_allow_groups = linux@admins@xxx.pvt
simple_allow_users = rapid7scan@xxx.pvt
debug_level = 9
Would appreciate any assistance you could offer.
Thanks
Andrea
Andrea Laack
Host Systems
2401 S. 31st Street
Temple, TX 76508
Mailstop: MS-2-1.41
Office: 254-724-9490
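
Added example, not part of the original post or of SSSD itself: sssd.conf(5) names domain sections `[domain/NAME]` with a forward slash, and the debug log above stops at "id_provider is not set for domain". The Python check below cross-references the `domains` list in `[sssd]` against the sections actually present. The function name `check_sssd_domains` and the `example.pvt` sample are assumptions constructed for illustration.

```python
import configparser

# Constructed sample modelled on the sssd.conf in the post; names are placeholders.
SAMPLE_CONF = r"""
[sssd]
config_file_version = 2
domains = example.pvt
services = nss, pam

[nss]
debug_level = 9

[domain\example.pvt]
fallback_homedir = /home/%u
id_provider = ad
auth_provider = krb5
access_provider = simple
"""


def check_sssd_domains(conf_text):
    """Return a list of findings about domain sections in sssd.conf text."""
    # RawConfigParser: no %-interpolation, so values such as /home/%u are safe.
    cp = configparser.RawConfigParser(strict=False)
    cp.read_string(conf_text)
    if not cp.has_section("sssd") or not cp.has_option("sssd", "domains"):
        return ["[sssd] section has no 'domains' option"]
    listed = [d.strip() for d in cp.get("sssd", "domains").split(",") if d.strip()]
    findings = []
    # Every listed domain needs a [domain/NAME] section carrying id_provider.
    for name in listed:
        section = "domain/" + name
        if not cp.has_section(section):
            findings.append("domain '%s' is listed but has no [%s] section" % (name, section))
        elif not cp.has_option(section, "id_provider"):
            findings.append("[%s] has no id_provider" % section)
    # Flag sections that look like domain sections but are mis-named or unlisted.
    for section in cp.sections():
        if section.startswith("domain/"):
            if section[len("domain/"):] not in listed:
                findings.append("[%s] is defined but not listed in [sssd] domains" % section)
        elif section.lower().startswith("domain"):
            findings.append("section [%s] is not of the form [domain/NAME]" % section)
    return findings


if __name__ == "__main__":
    for finding in check_sssd_domains(SAMPLE_CONF):
        print(finding)
```
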