Having problems with adding CentOS7 to our enterprise network. This worked in the past and I have no idea why now is not working.
We have out main domain "company.com" but the servers we add are in different areas so they are in "de.company.com" domain.
What I do on the server
Code: Select all
yum install realmd sssd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation
realm discover company.com
hella.com
type: kerberos
realm-name: COMPANY.COM
domain-name: company.com
configured: no
server-software: active-directory
client-software: sssd
required-package: oddjob
required-package: oddjob-mkhomedir
required-package: sssd
required-package: adcli
required-package: samba-common-tools
realm join -v --user=myadminuser1 --computer-ou=OU=Linux,OU=Servers company.com
realm list
company.com
type: kerberos
realm-name: COMPANY.COM
domain-name: company.com
configured: kerberos-member
server-software: active-directory
client-software: sssd
required-package: oddjob
required-package: oddjob-mkhomedir
required-package: sssd
required-package: adcli
required-package: samba-common-tools
login-formats: %U
login-policy: allow-permitted-logins
authconfig --enablesssdauth --enablesssd --updateall
I can see my user from AD
Code: Select all
[root@ici ~]# getent passwd myuser2
myuser2:*:1317420:131740:myuser2:/home/myuser2:/bin/bash
Code: Select all
ssh -l fejoad2 localhost
Code: Select all
pam_sss(sshd:auth): authentication success; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost user=myuser2
Failed password for myuser2 from ::1 port 34000 ssh2
fatal: Access denied for user myuser2 by PAM account configuration [preauth]
Code: Select all
pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=localhost user=myuser2
pam_sss(sshd:auth): received for user myuser2: 4 (System error)
Failed password for myuser2 from ::1 port 55422 ssh2
Connection closed by ::1 port 55422 [preauth]
Connection closed by 127.0.0.1 port 55518 [preauth]
Any suggestion is welcomed!