Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1054899
Created attachment 851732
domain log for non-primary(user1_dom3) user login
Description of problem:
sssd goes offline on login for users from subdomains
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Try to login as a user from the primary domain
# time ssh -l email@example.com localhost
[firstname.lastname@example.org@amd-pike-05 ~]$ logout
Connection to localhost closed.
2. Try to login as a user from a child domain
# time ssh -l email@example.com localhost
Permission denied, please try again.
sssd goes offline with login to users from non-primary domains
See attached domain logs for login to a primary user(user1_dom1) and
See the discussion in the BZ. What Kaushik wanted was to amend the DEBUG message to hint that raising the timeout might be a good idea. I'm not sure about sss_log, that seems like too much, but maybe using some higher log level (IIRC we have something like IMPORTANT_INFO) would work.
design_review: => 0
owner: somebody => preichl
review: True => 0
testsupdated: => 0
I'll leave the ticket open so it's properly triaged
patch: 0 => 1
milestone: NEEDS_TRIAGE => SSSD 1.11.4
resolution: => fixed
status: new => closed
changelog: => See the description and title. Minor enhancement that hints what parameter should the admin increase when Kerberos authentication keeps timing out.
Metadata Update from @jhrozek:
- Issue assigned to preichl
- Issue set to the milestone: SSSD 1.11.4
to comment on this ticket.