Topic: Client Authentication:Ubuntu via sssd/ldap

[pelli]

Hello, i follow this how-to https://wiki.contribs.org/Client_Authentication:Ubuntu_via_sssd/ldap and all work except shutdown/reboot. Any user (local admin ubuntu and sme ldap user) can't shutdown or reboot the machine. Also in the login box the reboot and shutdown option are gray (not selectable)

Any suggestion?

Thanks

[Stefano]

I suggest you to ask elsewhere, in any ubuntu related forum.. just explain your configuration (I bet 0,50 € is something related to pam)

[pelli]

I suggest you to ask elsewhere, in any ubuntu related forum.. just explain your configuration (I bet 0,50 € is something related to pam)

bingo. i find the solution

edit the file /etc/pam.d/common-session and add the line
session         optional                        pam_systemd.so

Thanks

[Stefano]

well, please amend the wiki page accordingly, thank you

[ReetP]

Please note that if you read further down the page this is already mentioned here :

https://wiki.contribs.org/Client_Authentication:Ubuntu_via_sssd/ldap#System_Permissions_.26_PolicyKit

Please read all the 'Desktop Setup' section

B. Rgds
John

[pelli]

Please note that if you read further down the page this is already mentioned here :

https://wiki.contribs.org/Client_Authentication:Ubuntu_via_sssd/ldap#System_Permissions_.26_PolicyKit

Please read all the 'Desktop Setup' section

B. Rgds
John

yes is mentioned but the file to modify is another

"I also found to enable shutdown/restart, network indicator etc I had to add this to /etc/auth-client-config/profile.d/sss "
For enable shutdown and restart I also modified the file /etc/pam.d/common-session

[ReetP]

You still did not read the wiki page correctly.

System Permissions & PolicyKit

I also found to enable shutdown/restart, network indicator etc I had to add this to /etc/auth-client-config/profile.d/sss

pam_session=
               session         optional                        pam_systemd.so

That means you need to add it AT THE START and then when you run this

Code: [Select]

sudo auth-client-config -a -p sss
It will create the file  /etc/pam.d/common-session correctly without you having to edit it manually..... and this is the preferred way to do it so you can revert your changes with

Code: [Select]

sudo auth-client-config -a -p sss -r
The also occurs for mounting shares.

So the wiki is correct.

B. Rgds
John

[pelli]

You still did not read the wiki page correctly.

That means you need to add it AT THE START and then when you run this

Code: [Select]

sudo auth-client-config -a -p sss
It will create the file  /etc/pam.d/common-session correctly without you having to edit it manually..... and this is the preferred way to do it so you can revert your changes with

Code: [Select]

sudo auth-client-config -a -p sss -r
The also occurs for mounting shares.

So the wiki is correct.

B. Rgds
John

Ok, thanks John.

[ReetP]

No problems

If you notice anything else please let me know and I will look.

B. Rgds
John

[pelli]

Hello, i resume this post for a problem with mount shares.  the automatically mounts shares not work.  where i can find the log for examine the problem?

Thanks

[ReetP]

I can't remember specifically... try the usual /var/log hierachy. I think you may have a sssd dir in there now ?

What about showing some configs ? Did you follow the wiki ?