Skip to content

Configure system

cat /etc/crypto-policies/state/current
update-crypto-policies --set DEFAULT:AD-SUPPORT-LEGACY
reboot

Join Domain

Configure users in domain

Users need to have populated the fields uidNumber and gidNumber and the groups need to have the gidNumber. Otherwise this error is given

ago 20 12:30:07 hostname sshd[1441]: Invalid user username from 10.0.0.1 port 12345

Debug from Linux

getent group groupname
getent group Name\ of\ Group
getent passwd username

Clear cache. You need to clear the cache when you remove a user from a group.

sudo sss_cache -g groupname
sudo sss_cache -E