Public bug reported: When SSSD is run on a server that hosts an AD domain controller powered by Samba4, all authentication attempts will fail if SSSD is configured to use the said AD DC as backend and access_provider = ad is specified in the SSSD configuration. No problems with authentication other servers with the same SSSD setup, it'll fail just for the host running the DC.
This is a known bug documented and fixed with a simple patch available at https://fedorahosted.org/sssd/ticket/2870. Upstream has merged this and will be available in SSSD 1.14 when released. Please consider merging this patch for the Debian/Ubuntu SSSD packaging. I'd love to see this uploaded to xenial also. Thank you. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: sssd 1.13.4-1ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-28.47-generic 4.4.13 Uname: Linux 4.4.0-28-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.1 Architecture: amd64 CurrentDesktop: i3 Date: Thu Jun 30 23:48:09 2016 InstallationDate: Installed on 2015-04-16 (441 days ago) InstallationMedia: Ubuntu-GNOME 15.04 "Vivid Vervet" - Alpha amd64 (20150321) SourcePackage: sssd UpgradeStatus: Upgraded to xenial on 2016-04-22 (69 days ago) ** Affects: sssd (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug third-party-packages xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1597916 Title: SSSD authentication fails against AD on Samba4 domain controller host To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1597916/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
