#3103 GSSAPI error causes failures for child domain user logins across IPA - AD trust
Closed: Fixed None Opened 4 years ago by sbose.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1344940

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

Created attachment 1167198
logs from trying to determine AD domain information

Description of problem:
When an IPA is joined to an AD domain, the fetch command will not return data.
Users cannot authenticate.

We have created the two-way trust successfully, but the AD users cannot
authenticate.

We get conflicting responses when trying to fetch information and authenticate
users to the domain: See attached file.

Also need way to determine the health of the trust and accessibility of the
domain.

Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
owner: somebody => sbose
patch: 0 => 1
review: True => 0
selected: =>
status: new => assigned
testsupdated: => 0

Fields changed

resolution: => fixed
status: assigned => closed

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.13.5

Metadata Update from @sbose:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.13.5

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4136

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata