lá.
Primeiro, diz que o daemon não encontrou o /etc/sssd/sssd.conf. Então, eu criei isso e, ao executar o sssd "systemctl start sssd.service", ele mostra os seguintes erros.
Jun 25 21:00:48 tmax1 sssd[nss][14286]: Starting up Jun 25 21:00:48 tmax1 sssd[nss][14288]: Starting up Jun 25 21:00:48 tmax1 sssd[pam][14287]: Starting up Jun 25 21:00:48 tmax1 sssd[pam][14289]: Starting up Jun 25 21:00:49 tmax1 sssd[be[DOMAIN.COM]][14290]: Starting up Jun 25 21:00:49 tmax1 sssd[14278]: Exiting the SSSD. Could not restart critical service [DOMAIN.COM]. Jun 25 21:00:49 tmax1 systemd[1]: sssd.service: main process exited, code=exited, status=1/FAILURE Jun 25 21:00:49 tmax1 systemd[1]: Failed to start System Security Services Daemon. Jun 25 21:00:49 tmax1 systemd[1]: Unit sssd.service entered failed state. Jun 25 21:00:49 tmax1 systemd[1]: sssd.service failed.
Existe algum outro arquivo de configuração ou algo para verificar antes de executar o sssd?
Eu posso verificar o reino por "domínio descobrir DOMAIN.COM". Ping está bem.
[test1@ ~]$ realm discover domain.com domain.com type: kerberos realm-name: DOMAIN.COM domain-name: domain.com configured: no server-software: active-directory client-software: sssd required-package: oddjob required-package: oddjob-mkhomedir required-package: sssd required-package: adcli required-package: samba-common-tools
Às vezes, o comando "kinit" não funciona, mas eu posso ver o ticket pelo "klist" somente com a conta root.
[test1@ ~]$ klist klist: Credentials cache keyring 'persistent:1000:1000' not found [root@ ~]# klist Ticket cache: KEYRING:persistent:0:0 Default principal: [email protected] Valid starting Expires Service principal 06/25/2018 17:08:47 06/26/2018 03:08:47 krbtgt/[email protected] renew until 07/02/2018 17:08:45
O que eu faço mais para iniciar o sssd ..?
Obrigado.
Tags active-directory sssd linux