/var/log/auth.log seems to indicate that AD users are properly authenticated, they just aren't authorized:
May 4 09:27:10 myhostname compiz: pam_sss(unity:auth): authentication success; logname= uid=12345 euid=12345 tty= r user= rhost= user=myuser May 4 09:27:10 myhostname compiz: gkr-pam: unlocked login keyring May 4 09:27:10 myhostname compiz: pam_sss(unity:account): Access denied for user myuser: 6 (Permission denied) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1578415 Title: Lockscreen access denied (AD auth via sssd) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1578415/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs