Thread: Quantal (12.10) Login manger does not ask for password when using SSSD
- ubuntu 12.10 gui not prompt password network users
- i have been using sssd allow authentication our ad server.
- my configuration works on prior versions of ubuntu @ least 10.04.
- this happens when using gui command line able login user , prompts password.
- under user accounts network user option automatic login set off
- command line login works correctly problem gui login page
recreate issue:
1.) install 12.10
2.) install packages ntp sssd libnss-sss libpam-sss krb5-user
3.) configure sssd example below
4.) verify sfu has been setup on ad server , user has been configured uid
5.) put ad cert in directory supplied
sssd example
[sssd]
config_file_version = 2
reconnection_retries = 3
sbus_timeout = 30
services = nss, pam
domains = example.com
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
[pam]
reconnection_retries = 3
debug_level = 3
[domain/example.com]
enumerate = true
min_id = 1
id_provider = ldap
ldap_uri = ldaps://dc1.example.com/
ldap_user_search_base = dc=example,dc=com
ldap_group_search_base = dc=example,dc=com
ldap_default_bind_dn = cn=binduser,cn=users,dc=example,dc=com
ldap_default_authtok_type = password
ldap_default_authtok = bindpassword
ldap_user_object_class = user
ldap_user_name = samaccountname
ldap_user_uid_number = uidnumber
ldap_user_gid_number = gidnumber
ldap_user_home_directory = unixhomedirectory
ldap_user_shell = loginshell
ldap_user_principal = userprincipalname
ldap_user_member = mssfu30posixmemberof
ldap_group_object_class = group
ldap_group_name = samaccountname
ldap_group_gid_number = gidnumber
ldap_group_member = member
ldap_tls_cacertdir = /etc/ssl/certs/
ldap_tls_cacert = /etc/ssl/certs/adcert.pem
[domain/example.com]
ldap_id_use_start_tls = false
cache_credentials = true
id_provider = ldap
auth_provider = krb5
chpass_provider = krb5
debug_level = 3
ldap_schema = rfc2307bis
ldap_force_upper_case_realm = true
krb5_realm = example.com
ldap_search_base = dc=example,dc=com
ldap_uri = ldaps://dc1.example.com/
krb5_kpasswd = dc1.example.com
krb5_kdcip = dc1.example.com
ldap_tls_cacertdir = /etc/ssl/certs/
ldap_tls_cacert = /etc/ssl/certs/adcert.pem
you should report @ lauchpad. uf not bug tracker.
Forum The Ubuntu Forum Community Ubuntu Official Flavours Support General Help [ubuntu] Quantal (12.10) Login manger does not ask for password when using SSSD
Ubuntu
Comments
Post a Comment