Comment 23 for bug 1314095

confirming on my setup as well.

openstack VM (similar to amazon ec2)
Running GDM3 (apt-get install gnome-shell) w/ NX Server to xorg-server-dummy package (since vm is headless)
LDAP Authentication w/ SSSD Package

Once I connect to the server, I am able to log in the first time using my ldap account. Also since i already have a home folder (PAM mkhomedir) my LDAP 'firstName' and 'lastName' actually show up on the GDM3 login screen. Which was a pleasant surprise.

however, once locked. I'm getting the error in /var/log/auth.log:
Jan 8 05:19:10 onr-geoserver gdm-password][12480]: pam_succeed_if(gdm-password:auth): requirement "user ingroup nopasswdlogin" not met by user "cott"
Jan 8 05:19:17 onr-geoserver gdm-password][12480]: pam_unix(gdm-password:auth): authentication failure; logname=cott uid=0 euid=0 tty=:0 ruser= rhost= user=cott
Jan 8 05:19:19 onr-geoserver gdm-password][12480]: pam_sss(gdm-password:auth): authentication success; logname=cott uid=0 euid=0 tty=:0 ruser= rhost= user=cott
Jan 8 05:19:19 onr-geoserver gdm-password][12480]: gkr-pam: unlocked login keyring
Jan 8 05:19:19 onr-geoserver systemd-logind[1359]: Removed session 3.
Jan 8 05:19:19 onr-geoserver gdm-password][12708]: pam_succeed_if(gdm-password:auth): requirement "user ingroup nopasswdlogin" not met by user "cott"

it seems 'pam_sss' is happy (auth. success), but 'pam_unix' is not.

This is all purely package installs from ubuntu 14.04 cloud image. no custom configs except for the dummy monitor in xorg.conf. which i doubt is related.