Setting use_fully_qualified_names in sssd.conf returns [Invalid SSSD configuration detected]
Issue
Setting use_fully_qualified_names = False
in sssd.conf returns [Invalid SSSD configuration detected]
-
use_fully_qualified_names = False
option has just been added tosssd.conf
[domain/idm.example.com] id_provider = ipa ipa_server_mode = True ipa_server = server.idm.example.com ipa_domain = idm.example.com ipa_hostname = server.idm.example.com auth_provider = ipa chpass_provider = ipa access_provider = ipa cache_credentials = True ldap_tls_cacert = /etc/ipa/ca.crt krb5_store_password_if_offline = True use_fully_qualified_names = False <<<<<===== [sssd] services = nss, pam, ifp, ssh, sudo default_domain_suffix = example.com domain_resolution_order = example.com, idm.example.com domains = idm.example.com
-
Below SSSD log is recorded in
/var/log/messages
:systemd[1]: Starting System Security Services Daemon... sssd[21981]: Error (1432158262 [Invalid SSSD configuration detected]) retrieving domain [idm.example.com], skipping! sssd[21981]: Starting up sssd[21981]: Error (1432158262 [Invalid SSSD configuration detected]) retrieving domain [idm.example.com], skipping! sssd_be[21982]: Starting up sssd_be[21982]: Error (1432158262 [Invalid SSSD configuration detected]) retrieving domain [idm.example.com], skipping! sssd_nss[21983]: Starting up sssd_nss[21983]: Error (1432158262 [Invalid SSSD configuration detected]) retrieving domain [idm.example.com], skipping! sssd_ifp[21985]: Starting up sssd_ifp[21985]: Error (1432158262 [Invalid SSSD configuration detected]) retrieving domain [idm.example.com], skipping! sssd_sudo[21987]: Starting up sssd_sudo[21987]: Error (1432158262 [Invalid SSSD configuration detected]) retrieving domain [idm.example.com], skipping! sssd_ssh[21986]: Starting up sssd_ssh[21986]: Error (1432158262 [Invalid SSSD configuration detected]) retrieving domain [idm.example.com], skipping! sssd_pac[21988]: Starting up sssd_pac[21988]: Error (1432158262 [Invalid SSSD configuration detected]) retrieving domain [idm.example.com], skipping! sssd_pam[21984]: Starting up sssd_pam[21984]: Error (1432158262 [Invalid SSSD configuration detected]) retrieving domain [idm.example.com], skipping!
-
AD trust between IdM and AD domain has been established.
-
default_domain_suffix
anddomain_resolution_order
options are present insssd.conf
to allow AD user authentication without specifying domain portion of username:default_domain_suffix = example.com domain_resolution_order = example.com, idm.example.com
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 8
- Red Hat Enterprise Linux 9
- SSSD
- Red Hat Identity Management (IdM) / FreeIPA
- ipa-server
- ipa-client
- Active Directory (AD)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.