Community Articles
Find and share helpful community-sourced technical articles
Explorer

After a few hours of debugging SSSD and mapping users/groups I wanted to make a post here to try and save someone the pain.

I had SSD configured correctly using the following document:

https://github.com/HortonworksUniversity/Security_Labs#lab-1

What I found by adding debug_level=7 to the sssd.conf file was this cryptic message:

Trying to resolve service 'AD_GC' 

I realized at some point I was firewall'd off to the Active Directory Global Catalog port 3286, once I opened this I can now get the correct groups mapped to my SSSD users.

Hope this saves someone some time in the future!

1,768 Views
Comments
Contributor

Is the port 3286, It should be 3268