[Samba] Problem with PAM/SSSD/SAMBA4.1.2

[Bernd Schuhmacher]

Hi

I hope that I am not totally wrong when asking this on a Samba list, but
as I followed a tutorial found at the SAMBA wiki I hope I can find
someone how is able to help me.

My goal is to set up a server acting as a SAMBA AD Server with single
sign on  for linux users.
I use a Ubuntu Server 13.10 as the base. On top of this I installed a
SAMBA 4.1.2 from GIT, did provisioning, Kerberos installation and so on.
This part seems to work. I can connect a Windows 7 Client to the domain
and work with MS rsat tools on the SAMBA server.

After that I installed SSSD with
apt-get install sssd sssd-tools
and configured this package as found on
https://wiki.samba.org/index.php/Local_user_management_and_authentication/sssd
getnet passwd and getent group do what they should (after adding posix
stuff to groups and users with RSAT)

I did not change anything with any pam configuration as i think that dpk
should do the job when libpam-sss and libnss-sss were installed.
Checking /etc/pam.d/* files show more or less the same as shown in the
tutorial.

When I try to connect with ssh to the server I can not do this
(Permission denied, please try again.). On the server I found in
/var/log/auth the following:

Nov 28 12:17:44 ad-server sshd[1770]: pam_unix(sshd:auth):
authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
rhost=walhalla-2.fritz.box  user=administrator
Nov 28 12:17:44 ad-server sshd[1770]: pam_sss(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=walhalla-2.fritz.box
user=administrator
Nov 28 12:17:44 ad-server sshd[1770]: pam_sss(sshd:auth): received for
user administrator: 9 (Authentication service cannot retrieve
authentication info)
Nov 28 12:17:46 ad-server sshd[1770]: Failed password for administrator
from fd00::ca60:ff:fe14:986f port 57260 ssh2

Does anybody have an idea.

Kind regards
Bernd