Bug 515113

Summary: Domain accounts don't work in Plasma Login Manager
Product: [Plasma] plasma-login-manager Reporter: yamiyukisenpai
Component: generalAssignee: Plasma Bugs List <plasma-bugs-null>
Status: CONFIRMED ---    
Severity: normal CC: kde, nate, olib141
Priority: HI    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Neon   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:
Attachments: Plasma Login Manager logs
SDDM logs
Plasma Login Manager logs

Description yamiyukisenpai 2026-01-26 14:46:47 UTC 
SUMMARY
I can't log in with my Active Directory domain account with Plasma Login Manager, while SDDM works fine

STEPS TO REPRODUCE
1. Switch to Plasma Login Manager
2. Reboot
3. Log in 

OBSERVED RESULT
It doesn't login with my domain account

EXPECTED RESULT
Domain account is recognized and can log in with it

SOFTWARE/OS VERSIONS
Operating System: KDE neon Testing Edition
KDE Plasma Version: 6.5.90
KDE Frameworks Version: 6.23.0
Qt Version: 6.10.1
Kernel Version: 6.14.0-37-generic (64-bit)
Graphics Platform: Wayland
Processors: 12 × 11th Gen Intel® Core™ i5-11400 @ 2.60GHz
Memory: 32 GiB of RAM (30.6 GiB usable)
Graphics Processor 1: AMD Radeon RX Vega
Graphics Processor 2: Intel® Graphics

ADDITIONAL INFORMATION
Comment 1 yamiyukisenpai 2026-01-26 14:49:17 UTC 
Created attachment 188912 [details]
Plasma Login Manager logs

$ sudo journalctl -b -1 --no-hostname | grep -i -e plasmalogin -e sssd -e sss
Comment 2 yamiyukisenpai 2026-01-26 14:49:57 UTC 
Created attachment 188913 [details]
SDDM logs

$ sudo journalctl -b -2 --no-hostname | grep -i -e sddm -e sssd -e sss
Comment 3 yamiyukisenpai 2026-01-26 14:55:23 UTC 
Created attachment 188914 [details]
Plasma Login Manager logs

$ sudo journalctl -b -1 --no-hostname | grep -i -e plasmalogin -e sssd -e sss
Comment 4 Oliver Beard 2026-01-26 15:13:45 UTC 
User listing is the same as in SDDM, so the account is listed correctly.

Logs indicate that pam_sss (which appears to be used for AD) succesfully authenticates:

Jan 26 09:35:19 plasmalogin-helper[6868]: pam_sss(plasmalogin:auth): authentication success; logname= uid=0 euid=0 tty= ruser= rhost= user=jgamao

but later fails:

Jan 26 09:35:19 plasmalogin-helper[6868]: pam_sss(plasmalogin:account): Access denied for user jgamao: 6 (Permission denied)

The logs are full of sssd-pam failing. This is probably the root cause due to some misconfiguration. SDDM does not get a permission denied message.

Maybe somewhere plasmalogin needs to be whitelisted to allow login?
Comment 5 yamiyukisenpai 2026-01-26 15:28:22 UTC 
(In reply to Oliver Beard from comment #4)
> Maybe somewhere plasmalogin needs to be whitelisted to allow login?

If there's a spot to do that, I dunno where it'd be.  I never had to make any whitelisting when I use LightDM or GDM or SDDM on other thin clients in the company (they're Kubuntu, Ubuntu Cinnamon and regular Ubuntu), or even when I setup my Neon workstation.