Here's a sanitized sssd.conf that works on our slurm compute nodes: [sssd] domains = [AD_FQDNS] config_file_version = 2 services = nss, pam [domain/[AD_FQDNS] default_shell = /bin/bash krb5_store_password_if_offline = True cache_credentials = True krb5_realm = [ALLCAPS_AD_FQDNS] realmd_tags = manages-system joined-with-adcli id_provider = ad fallback_homedir = /home/%u ad_domain = [AD_FQDNS] use_fully_qualified_names = False ldap_id_mapping = True access_provider = ad AD_FQDNS is the fully qualified dns name of AD ALLCAPS is where the AD FQDNS is capitalized I hope it helps. Andrew Ferris (He, Him, His ( https://equity.ubc.ca/resources/gender-diversity/pronouns/) ) Network & Systems Management UBC Centre for Heart-Lung Innovation The University of British Columbia | St. Paul's Hospital | Musqueam, Squamish & Tsleil-Waututh Traditional Territory Room 166 -1081 Burrard Street | Vancouver Canada | V6Z 1Y6 Canada Phone 604 806 8346 andrew.ferris@hli.ubc.ca https://www.hli.ubc.ca

...

...

"Sterner, Douglas E. via slurm-users" <slurm-users@lists.schedmd.com> 6/2/2026 9:55 AM >>> New kubernetes deployment and I can't authenticate via ssh using AD credentials to the login controller. Both id and getent resolve user correctly. I have tried every sssd parameter known to mankind. Can someone provide a working example of an sssd.conf for active directory non ssl that I can compare against. Also do I need to do this in the values.yaml?

slurm: config: # Explicitly enable PAM for node environments and pam_slurm_adopt UsePAM: 1 Thanks, Douglas Sterner Johns Hopkins Applied Physics Laboratory NSAD / JAF 11100 Johns Hopkins Road. Laurel, MD 20723-6091