Вывод лога sssd
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [fo_resolve_service_send] (0x0020): No available servers for service 'AD'
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Ошибка ввода/вывода])
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [ad_subdomains_refresh_connect_done] (0x0020): Unable to connect to LDAP [11]: Ресурс временно недоступен
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [fo_resolve_service_send] (0x0020): No available servers for service 'AD'
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Ошибка ввода/вывода])
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [ad_subdomains_refresh_connect_done] (0x0020): Unable to connect to LDAP [11]: Ресурс временно недоступен
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [fo_resolve_service_send] (0x0020): No available servers for service 'AD'
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Ошибка ввода/вывода])
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [ad_subdomains_refresh_connect_done] (0x0020): Unable to connect to LDAP [11]: Ресурс временно недоступен
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [fo_resolve_service_send] (0x0020): No available servers for service 'AD'
(Sat Dec 14 08:40:25 2019) [sssd[be[ALT.TEST]]] [fo_resolve_service_send] (0x0020): No available servers for service 'AD'
(Sat Dec 14 08:40:26 2019) [sssd[be[ALT.TEST]]] [child_sig_handler] (0x0020): waitpid did not found a child with changed status.
(Sat Dec 14 08:40:26 2019) [sssd[be[ALT.TEST]]] [child_sig_handler] (0x0020): child [1282] failed with status [2].
(Sat Dec 14 08:40:26 2019) [sssd[be[ALT.TEST]]] [child_sig_handler] (0x0020): child [1305] failed with status [2].
(Sat Dec 14 08:40:26 2019) [sssd[be[ALT.TEST]]] [child_sig_handler] (0x0020): child [1320] failed with status [1].
(Sat Dec 14 08:40:26 2019) [sssd[be[ALT.TEST]]] [child_sig_handler] (0x0020): child [1327] failed with status [1].
(Sat Dec 14 08:40:26 2019) [sssd[be[ALT.TEST]]] [child_sig_handler] (0x0020): child [1334] failed with status [1].
Содержимое sssd.conf
[domain/ALT.TEST]
id_provider = ad
auth_provider = ad
chpass_provider = ad
access_provider = ad
default_shell = /bin/bash
fallback_homedir = /home/%d/%u
debug_level = 1
Хотя домен доступен, авторизация производится на клиентах и сам по себе мыльник получает пользователей. Отправить почту система позволяет, но получить почту нет возможности.
Содержимое sssd.conf с содержимым wiki sssd совпадает
Добавил postfix debug...
Dec 14 11:05:25 imap(petrov)<3851><pPPecKWZ1zoKAAIb>: Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/petrov:UTF-8:INBOX=/var/mail/petrov/Inbox
Dec 14 11:05:25 imap(petrov)<3851><pPPecKWZ1zoKAAIb>: Debug: maildir++: root=/var/mail/petrov, index=, indexpvt=, control=, inbox=/var/mail/petrov/Inbox, alt=
Dec 14 11:05:25 imap(petrov)<3851><pPPecKWZ1zoKAAIb>: Debug: Mailbox Sent: Mailbox opened because: SELECT
Dec 14 11:05:38 auth: Debug: auth client connected (pid=0)
Dec 14 11:05:38 auth: Debug: client in: AUTH<-->1<----->PLAIN<->service=smtp<-->nologin>lip=10.0.0.4<-->rip=10.0.2.27<->secured>resp=<hidden>
Dec 14 11:05:38 auth: Debug: policy(petrov@alt.test,10.0.2.27): Policy check action is continue
Dec 14 11:05:38 auth-worker(3850): Debug: pam(petrov@alt.test,10.0.2.27): lookup service=dovecot
Dec 14 11:05:38 auth-worker(3850): Debug: pam(petrov@alt.test,10.0.2.27): #1/1 style=1 msg=Password:.
Dec 14 11:05:38 auth: Debug: ldap(petrov@alt.test,10.0.2.27): bind search: base=cn=Users,dc=alt,dc=test filter=(&(objectClass=user)(|(mail=petrov@alt.test)(sAMAccountName=petrov@alt.test)))
Dec 14 11:05:38 auth: Debug: ldap(petrov@alt.test,10.0.2.27): result: mail=petrov@alt.test; mail unused
Dec 14 11:05:38 auth: Debug: policy(petrov@alt.test,10.0.2.27): Policy check action is continue
Dec 14 11:05:38 auth: Debug: client passdb out: OK<---->1<----->user=petrov@alt.test<----->
Dec 14 11:05:39 auth: Debug: auth client connected (pid=3859)
Dec 14 11:05:41 auth: Debug: auth client connected (pid=3860)
Dec 14 11:05:41 auth: Debug: client in: AUTH<-->1<----->PLAIN<->service=imap<-->secured=tls<--->session=2TrTcaWZ2joKAAIb<------>lip=10.0.0.4<-->rip=10.0.2.27<->lport=993<----->rport=15066<--->local_name=mail.alt.test<------>ssl_cipher=ECDHE-RSA-AES128-GCM-SHA256<>ssl_ci
Dec 14 11:05:41 auth: Debug: client passdb out: CONT<-->1<----->
Dec 14 11:05:41 auth: Debug: client in: CONT<hidden>
Dec 14 11:05:41 auth: Debug: policy(petrov@alt.test,10.0.2.27,<2TrTcaWZ2joKAAIb>): Policy check action is continue
Dec 14 11:05:41 auth-worker(3850): Debug: pam(petrov@alt.test,10.0.2.27,<2TrTcaWZ2joKAAIb>): lookup service=dovecot
Dec 14 11:05:41 auth-worker(3850): Debug: pam(petrov@alt.test,10.0.2.27,<2TrTcaWZ2joKAAIb>): #1/1 style=1 msg=Password:.
Dec 14 11:05:41 auth: Debug: ldap(petrov@alt.test,10.0.2.27,<2TrTcaWZ2joKAAIb>): bind search: base=cn=Users,dc=alt,dc=test filter=(&(objectClass=user)(|(mail=petrov@alt.test)(sAMAccountName=petrov@alt.test)))
Dec 14 11:05:41 auth: Debug: ldap(petrov@alt.test,10.0.2.27,<2TrTcaWZ2joKAAIb>): result: mail=petrov@alt.test; mail unused
Dec 14 11:05:41 auth: Debug: policy(petrov@alt.test,10.0.2.27,<2TrTcaWZ2joKAAIb>): Policy check action is continue
Dec 14 11:05:41 auth: Debug: client passdb out: OK<---->1<----->user=petrov@alt.test<----->
Dec 14 11:05:41 auth: Debug: master in: REQUEST>2058354689<---->3860<-->1<----->ac0f2e216a4ebd9a416e443bbdba43c4<------>session_pid=3861<------>request_auth_token
Dec 14 11:05:41 auth-worker(3850): Debug: passwd(petrov@alt.test,10.0.2.27,<2TrTcaWZ2joKAAIb>): lookup
Dec 14 11:05:41 auth-worker(3850): Debug: passwd(petrov@alt.test,10.0.2.27,<2TrTcaWZ2joKAAIb>): username changed petrov@alt.test -> petrov
Dec 14 11:05:41 auth: Debug: master userdb out: USER<-->2058354689<---->petrov<--->system_groups_user=petrov<>uid=1275611006<>gid=1275600513<>home=/home/petrov<>auth_token=68570c5c4bf788eca9a59ec0c320bd1369a8c281<--->auth_user=petrov@alt.test
Dec 14 11:05:41 imap(petrov)<3861><2TrTcaWZ2joKAAIb>: Debug: Effective uid=1275611006, gid=1275600513, home=/home/petrov
Dec 14 11:05:41 imap(petrov)<3861><2TrTcaWZ2joKAAIb>: Debug: Home dir not found: /home/petrov
Dec 14 11:05:41 imap(petrov)<3861><2TrTcaWZ2joKAAIb>: Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/petrov:UTF-8:INBOX=/var/mail/petrov/Inbox
Dec 14 11:05:41 imap(petrov)<3861><2TrTcaWZ2joKAAIb>: Debug: maildir++: root=/var/mail/petrov, index=, indexpvt=, control=, inbox=/var/mail/petrov/Inbox, alt=
Dec 14 11:05:41 imap(petrov)<3861><2TrTcaWZ2joKAAIb>: Debug: Mailbox INBOX: Mailbox opened because: SELECT
Dec 14 11:05:53 auth: Debug: auth client connected (pid=3865)
Dec 14 11:05:53 auth: Debug: client in: AUTH<-->1<----->PLAIN<->service=imap<-->secured=tls<--->session=D/OFcqWZ2zoKAAIb<------>lip=10.0.0.4<-->rip=10.0.2.27<->lport=993<----->rport=15067<--->local_name=mail.alt.test<------>ssl_cipher=ECDHE-RSA-AES128-GCM-SHA256<>ssl_ci
Dec 14 11:05:53 auth: Debug: client passdb out: CONT<-->1<----->
Dec 14 11:05:53 auth: Debug: client in: CONT<hidden>
Dec 14 11:05:53 auth: Debug: policy(petrov@alt.test,10.0.2.27,<D/OFcqWZ2zoKAAIb>): Policy check action is continue
Dec 14 11:05:53 auth-worker(3850): Debug: pam(petrov@alt.test,10.0.2.27,<D/OFcqWZ2zoKAAIb>): lookup service=dovecot
Dec 14 11:05:53 auth-worker(3850): Debug: pam(petrov@alt.test,10.0.2.27,<D/OFcqWZ2zoKAAIb>): #1/1 style=1 msg=Password:.
Dec 14 11:05:53 auth: Debug: ldap(petrov@alt.test,10.0.2.27,<D/OFcqWZ2zoKAAIb>): bind search: base=cn=Users,dc=alt,dc=test filter=(&(objectClass=user)(|(mail=petrov@alt.test)(sAMAccountName=petrov@alt.test)))
Dec 14 11:05:53 auth: Debug: ldap(petrov@alt.test,10.0.2.27,<D/OFcqWZ2zoKAAIb>): result: mail=petrov@alt.test; mail unused
Dec 14 11:05:53 auth: Debug: policy(petrov@alt.test,10.0.2.27,<D/OFcqWZ2zoKAAIb>): Policy check action is continue
Dec 14 11:05:53 auth: Debug: client passdb out: OK<---->1<----->user=petrov@alt.test<----->
Dec 14 11:05:53 auth: Debug: master in: REQUEST>3670147073<---->3865<-->1<----->18efcbf5886c22add71dc5177aa8030b<------>session_pid=3867<------>request_auth_token
Dec 14 11:05:53 auth-worker(3850): Debug: passwd(petrov@alt.test,10.0.2.27,<D/OFcqWZ2zoKAAIb>): lookup
Dec 14 11:05:53 auth-worker(3850): Debug: passwd(petrov@alt.test,10.0.2.27,<D/OFcqWZ2zoKAAIb>): username changed petrov@alt.test -> petrov
Dec 14 11:05:53 auth: Debug: master userdb out: USER<-->3670147073<---->petrov<--->system_groups_user=petrov<>uid=1275611006<>gid=1275600513<>home=/home/petrov<>auth_token=790dd0db5fefa10138ed89a2c9a5330c3edf3a5e<--->auth_user=petrov@alt.test
Dec 14 11:05:53 imap(petrov)<3867><D/OFcqWZ2zoKAAIb>: Debug: Effective uid=1275611006, gid=1275600513, home=/home/petrov
Dec 14 11:05:53 imap(petrov)<3867><D/OFcqWZ2zoKAAIb>: Debug: Home dir not found: /home/petrov
Dec 14 11:05:53 imap(petrov)<3867><D/OFcqWZ2zoKAAIb>: Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/petrov:UTF-8:INBOX=/var/mail/petrov/Inbox
Dec 14 11:05:53 imap(petrov)<3867><D/OFcqWZ2zoKAAIb>: Debug: maildir++: root=/var/mail/petrov, index=, indexpvt=, control=, inbox=/var/mail/petrov/Inbox, alt=
Dec 14 11:05:53 imap(petrov)<3867><D/OFcqWZ2zoKAAIb>: Debug: Mailbox Sent: Mailbox opened because: SELECT
Есть ругань на отсутствие homedir, но при создании (хотя это тоже вопрос) домашней директории вручную, получаю ответ ....
Dec 14 11:17:28 imap(petrov)<4335><9Nrtm6WZAzsKAAIb>: Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/petrov:UTF-8:INBOX=/var/mail/petrov/Inbox
Dec 14 11:17:28 imap(petrov)<4335><9Nrtm6WZAzsKAAIb>: Debug: maildir++: root=/var/mail/petrov, index=, indexpvt=, control=, inbox=/var/mail/petrov/Inbox, alt=
Dec 14 11:17:28 imap(petrov)<4335><9Nrtm6WZAzsKAAIb>: Debug: Mailbox Sent: Mailbox opened because: SELECT
Dec 14 11:17:28 imap(petrov)<4335><9Nrtm6WZAzsKAAIb>: Debug: Mailbox Sent: UID 31: Opened mail because: prefetch
Dec 14 11:17:28 imap(petrov)<4335><9Nrtm6WZAzsKAAIb>: Debug: Mailbox Sent: UID 31: Opened mail because: access
Dec 14 11:17:28 imap(petrov)<4335><9Nrtm6WZAzsKAAIb>: Debug: Mailbox Sent: UID 31: Opened mail because: full mail
Dec 14 11:17:37 auth: Debug: auth client connected (pid=0)
Dec 14 11:17:37 auth: Debug: client in: AUTH<-->1<----->PLAIN<->service=smtp<-->nologin>lip=10.0.0.4<-->rip=10.0.2.27<->secured>resp=<hidden>
Dec 14 11:17:37 auth: Debug: policy(petrov@alt.test,10.0.2.27): Policy check action is continue
Dec 14 11:17:37 auth-worker(4333): Debug: pam(petrov@alt.test,10.0.2.27): lookup service=dovecot
Dec 14 11:17:37 auth-worker(4333): Debug: pam(petrov@alt.test,10.0.2.27): #1/1 style=1 msg=Password:.
Dec 14 11:17:37 auth: Debug: ldap(petrov@alt.test,10.0.2.27): bind search: base=cn=Users,dc=alt,dc=test filter=(&(objectClass=user)(|(mail=petrov@alt.test)(sAMAccountName=petrov@alt.test)))
Dec 14 11:17:37 auth: Debug: ldap(petrov@alt.test,10.0.2.27): result: mail=petrov@alt.test; mail unused
Dec 14 11:17:37 auth: Debug: policy(petrov@alt.test,10.0.2.27): Policy check action is continue
Dec 14 11:17:37 auth: Debug: client passdb out: OK<---->1<----->user=petrov@alt.test<----->
Dec 14 11:17:37 auth: Debug: auth client connected (pid=4343)
Dec 14 11:17:37 auth: Debug: client in: AUTH<-->1<----->PLAIN<->service=imap<-->secured=tls<--->session=daWAnKWZBTsKAAIb<------>lip=10.0.0.4<-->rip=10.0.2.27<->lport=993<----->rport=15109<--->local_name=mail.alt.test<------>ssl_cipher=ECDHE-RSA-AES128-GCM-SHA256<>ssl_ci
Dec 14 11:17:37 auth: Debug: client passdb out: CONT<-->1<----->
Dec 14 11:17:37 auth: Debug: client in: CONT<hidden>
Dec 14 11:17:37 auth: Debug: policy(petrov@alt.test,10.0.2.27,<daWAnKWZBTsKAAIb>): Policy check action is continue
Dec 14 11:17:37 auth-worker(4333): Debug: pam(petrov@alt.test,10.0.2.27,<daWAnKWZBTsKAAIb>): lookup service=dovecot
Dec 14 11:17:37 auth-worker(4333): Debug: pam(petrov@alt.test,10.0.2.27,<daWAnKWZBTsKAAIb>): #1/1 style=1 msg=Password:.
Dec 14 11:17:37 auth: Debug: ldap(petrov@alt.test,10.0.2.27,<daWAnKWZBTsKAAIb>): bind search: base=cn=Users,dc=alt,dc=test filter=(&(objectClass=user)(|(mail=petrov@alt.test)(sAMAccountName=petrov@alt.test)))
Dec 14 11:17:37 auth: Debug: ldap(petrov@alt.test,10.0.2.27,<daWAnKWZBTsKAAIb>): result: mail=petrov@alt.test; mail unused
Dec 14 11:17:37 auth: Debug: policy(petrov@alt.test,10.0.2.27,<daWAnKWZBTsKAAIb>): Policy check action is continue
Dec 14 11:17:37 auth: Debug: client passdb out: OK<---->1<----->user=petrov@alt.test<----->
Dec 14 11:17:37 auth: Debug: master in: REQUEST>4058906625<---->4343<-->1<----->63dfa15002ebacb95c6836032f88db4d<------>session_pid=4344<------>request_auth_token
Dec 14 11:17:37 auth-worker(4333): Debug: passwd(petrov@alt.test,10.0.2.27,<daWAnKWZBTsKAAIb>): lookup
Dec 14 11:17:37 auth-worker(4333): Debug: passwd(petrov@alt.test,10.0.2.27,<daWAnKWZBTsKAAIb>): username changed petrov@alt.test -> petrov
Dec 14 11:17:37 auth: Debug: master userdb out: USER<-->4058906625<---->petrov<--->system_groups_user=petrov<>uid=1275611006<>gid=1275600513<>home=/home/petrov<>auth_token=a51d05f0444ecfe978713f1101eb06fcb2fa6ae1<--->auth_user=petrov@alt.test
Dec 14 11:17:37 imap(petrov)<4344><daWAnKWZBTsKAAIb>: Debug: Effective uid=1275611006, gid=1275600513, home=/home/petrov
Dec 14 11:17:37 imap(petrov)<4344><daWAnKWZBTsKAAIb>: Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/petrov:UTF-8:INBOX=/var/mail/petrov/Inbox
Dec 14 11:17:37 imap(petrov)<4344><daWAnKWZBTsKAAIb>: Debug: maildir++: root=/var/mail/petrov, index=, indexpvt=, control=, inbox=/var/mail/petrov/Inbox, alt=
Dec 14 11:17:37 imap(petrov)<4344><daWAnKWZBTsKAAIb>: Debug: Mailbox Sent: Mailbox opened because: SELECT
Dec 14 11:17:41 auth: Debug: auth client connected (pid=4345)
Dec 14 11:17:41 auth: Debug: client in: AUTH<-->1<----->PLAIN<->service=imap<-->secured=tls<--->session=4pGynKWZBjsKAAIb<------>lip=10.0.0.4<-->rip=10.0.2.27<->lport=993<----->rport=15110<--->local_name=mail.alt.test<------>ssl_cipher=ECDHE-RSA-AES128-GCM-SHA256<>ssl_ci
Dec 14 11:17:41 auth: Debug: client passdb out: CONT<-->1<----->
Dec 14 11:17:41 auth: Debug: client in: CONT<hidden>
Dec 14 11:17:41 auth: Debug: policy(petrov@alt.test,10.0.2.27,<4pGynKWZBjsKAAIb>): Policy check action is continue
Dec 14 11:17:41 auth-worker(4333): Debug: pam(petrov@alt.test,10.0.2.27,<4pGynKWZBjsKAAIb>): lookup service=dovecot
Dec 14 11:17:41 auth-worker(4333): Debug: pam(petrov@alt.test,10.0.2.27,<4pGynKWZBjsKAAIb>): #1/1 style=1 msg=Password:.
Dec 14 11:17:41 auth: Debug: ldap(petrov@alt.test,10.0.2.27,<4pGynKWZBjsKAAIb>): bind search: base=cn=Users,dc=alt,dc=test filter=(&(objectClass=user)(|(mail=petrov@alt.test)(sAMAccountName=petrov@alt.test)))
Dec 14 11:17:41 auth: Debug: ldap(petrov@alt.test,10.0.2.27,<4pGynKWZBjsKAAIb>): result: mail=petrov@alt.test; mail unused
Dec 14 11:17:41 auth: Debug: policy(petrov@alt.test,10.0.2.27,<4pGynKWZBjsKAAIb>): Policy check action is continue
Dec 14 11:17:41 auth: Debug: client passdb out: OK<---->1<----->user=petrov@alt.test<----->
Dec 14 11:17:41 auth: Debug: master in: REQUEST>3475374081<---->4345<-->1<----->83883cdf40bdc5065f709090877ba4b7<------>session_pid=4346<------>request_auth_token
Dec 14 11:17:41 auth-worker(4333): Debug: passwd(petrov@alt.test,10.0.2.27,<4pGynKWZBjsKAAIb>): lookup
Dec 14 11:17:41 auth-worker(4333): Debug: passwd(petrov@alt.test,10.0.2.27,<4pGynKWZBjsKAAIb>): username changed petrov@alt.test -> petrov
Dec 14 11:17:41 auth: Debug: master userdb out: USER<-->3475374081<---->petrov<--->system_groups_user=petrov<>uid=1275611006<>gid=1275600513<>home=/home/petrov<>auth_token=8a08dc934ca6248403bf5e137e9508636d634d08<--->auth_user=petrov@alt.test
Dec 14 11:17:41 imap(petrov)<4346><4pGynKWZBjsKAAIb>: Debug: Effective uid=1275611006, gid=1275600513, home=/home/petrov
Dec 14 11:17:41 imap(petrov)<4346><4pGynKWZBjsKAAIb>: Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/petrov:UTF-8:INBOX=/var/mail/petrov/Inbox
Dec 14 11:17:41 imap(petrov)<4346><4pGynKWZBjsKAAIb>: Debug: maildir++: root=/var/mail/petrov, index=, indexpvt=, control=, inbox=/var/mail/petrov/Inbox, alt=
Dec 14 11:17:41 imap(petrov)<4346><4pGynKWZBjsKAAIb>: Debug: Mailbox INBOX: Mailbox opened because: SELECT