Issue: User from authd and EntraID can not use fingerprint reader #709

Open
2 tasks done
saltstack-admin opened this issue Dec 30, 2024 · 0 comments
Labels
bug Something isn't working

Is there an existing issue for this?

  • I have searched the existing issues and found none that matched mine

Describe the issue

Hello,

Today I tried to use the fingerprint reader with my authd/EntraID user.
The system is a T15p with Ubuntu 24.04 and GNOME.
If I open the settings menu to configure my fingerprint, the option to add fingerprints does not appear in Settings->System->Users.
As a sanity check, I logged out and switched to a local user. This user does get the option to configure fingerprints.

What am I doing wrong?
[Screenshot: 2024-12-30-missing-fingerprint]

Steps to reproduce

  1. Install Ubuntu 24.04 on a laptop with a fingerprint reader
  2. Log in with an authd/EntraID user
  3. Open Settings->System->Users
  4. Like in the screenshot, the option for fingerprints is completely missing

System information and logs

authd version

authd	0.3.7

authd-msentraid broker version

name:      authd-msentraid
summary:   MSEntra ID broker for authd
publisher: Canonical**
store-url: https://snapcraft.io/authd-msentraid
license:   GPL-3.0
description: |
  This is the MS Entra ID broker snap for authd  to provide MS Entra ID OIDC
  based authentication on Ubuntu with authd.
services:
  authd-msentraid: simple, enabled, active
snap-id:      vS3oJLMss6lgWwoFcPqYDUA2HB20I1Dc
tracking:     0.x/stable
refresh-date: heute um 10:11 UTC
channels:
  0.x/stable:    0.1+267a15c.f272cc1 2024-12-10  (89) 18MB -
  0.x/candidate: ^                                         
  0.x/beta:      ^                                         
  0.x/edge:      0.1+2c437dc.133b4b7 2024-12-21 (103) 18MB -
installed:       0.1+267a15c.f272cc1             (89) 18MB -

gnome-shell version

gnome-shell:
  Installiert:           46.3.1-1ubuntu1~24.04.1authd2
  Installationskandidat: 46.3.1-1ubuntu1~24.04.1authd2
  Versionstabelle:
 *** 46.3.1-1ubuntu1~24.04.1authd2 500
        500 https://ppa.launchpadcontent.net/ubuntu-enterprise-desktop/authd/ubuntu noble/main amd64 Packages
        100 /var/lib/dpkg/status
     46.0-0ubuntu6~24.04.5 500
        500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
     46.0-0ubuntu6~24.04.3 500
        500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
     46.0-0ubuntu5 500
        500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages

Distribution

Distributor ID:	Ubuntu
Description:	Ubuntu 24.04.1 LTS
Release:	24.04
Codename:	noble

Logs

[   14.454572] mySystem systemd[1]: Starting authd.service - Authd daemon service...
[   14.505375] mySystem authd[2629]: 2024/12/30 10:04:06 WARN Broker configuration directory "/etc/authd/brokers.d/" does not exist, only local broker will be available
[   14.516219] mySystem systemd[1]: Started authd.service - Authd daemon service.
[   91.061893] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.062538] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.065084] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.065424] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.065637] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.086354] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.094331] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.097477] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.109871] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.110277] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.112430] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.112741] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.112866] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.131850] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.140215] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[   91.143340] mySystem authd[2629]: 2024/12/30 10:05:22 WARN rpc error: code = NotFound desc =
[  436.917723] mySystem authd[2629]: 2024/12/30 10:11:08 WARN rpc error: code = NotFound desc =
[  436.924954] mySystem authd[2629]: 2024/12/30 10:11:08 WARN rpc error: code = NotFound desc =
[  438.168472] mySystem systemd[1]: Started snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  438.486970] mySystem authd-msentraid.authd-msentraid[11948]: time=2024-12-30T10:11:10.298Z level=ERROR msg="could not create broker: could not parse config: config file has invalid values, did you edit the file \"/var/snap/authd-msentraid/89/broker.conf\"?\nfound invalid character in section \"oidc\", key \"issuer\"\nfound invalid character in section \"oidc\", key \"client_id\""
[  438.488227] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Main process exited, code=exited, status=1/FAILURE
[  438.488344] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Failed with result 'exit-code'.
[  438.639860] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Scheduled restart job, restart counter is at 1.
[  438.649384] mySystem systemd[1]: Started snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  438.667604] mySystem authd-msentraid.authd-msentraid[11989]: time=2024-12-30T10:11:10.480Z level=ERROR msg="could not create broker: could not parse config: config file has invalid values, did you edit the file \"/var/snap/authd-msentraid/89/broker.conf\"?\nfound invalid character in section \"oidc\", key \"issuer\"\nfound invalid character in section \"oidc\", key \"client_id\""
[  438.668633] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Main process exited, code=exited, status=1/FAILURE
[  438.668754] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Failed with result 'exit-code'.
[  438.890138] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Scheduled restart job, restart counter is at 2.
[  438.903398] mySystem systemd[1]: Started snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  438.919642] mySystem authd-msentraid.authd-msentraid[12019]: time=2024-12-30T10:11:10.732Z level=ERROR msg="could not create broker: could not parse config: config file has invalid values, did you edit the file \"/var/snap/authd-msentraid/89/broker.conf\"?\nfound invalid character in section \"oidc\", key \"issuer\"\nfound invalid character in section \"oidc\", key \"client_id\""
[  438.920074] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Main process exited, code=exited, status=1/FAILURE
[  438.920137] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Failed with result 'exit-code'.
[  439.049718] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Scheduled restart job, restart counter is at 3.
[  439.062372] mySystem systemd[1]: Started snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  439.081532] mySystem authd-msentraid.authd-msentraid[12050]: time=2024-12-30T10:11:10.893Z level=ERROR msg="could not create broker: could not parse config: config file has invalid values, did you edit the file \"/var/snap/authd-msentraid/89/broker.conf\"?\nfound invalid character in section \"oidc\", key \"issuer\"\nfound invalid character in section \"oidc\", key \"client_id\""
[  439.082081] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Main process exited, code=exited, status=1/FAILURE
[  439.082149] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Failed with result 'exit-code'.
[  439.193133] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Scheduled restart job, restart counter is at 4.
[  439.210376] mySystem systemd[1]: Started snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  439.214948] mySystem authd[2629]: 2024/12/30 10:11:11 WARN rpc error: code = InvalidArgument desc = no user name provided
[  439.228129] mySystem authd-msentraid.authd-msentraid[12112]: time=2024-12-30T10:11:11.040Z level=ERROR msg="could not create broker: could not parse config: config file has invalid values, did you edit the file \"/var/snap/authd-msentraid/89/broker.conf\"?\nfound invalid character in section \"oidc\", key \"issuer\"\nfound invalid character in section \"oidc\", key \"client_id\""
[  439.230231] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Main process exited, code=exited, status=1/FAILURE
[  439.230297] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Failed with result 'exit-code'.
[  439.242512] mySystem authd[2629]: 2024/12/30 10:11:11 WARN rpc error: code = InvalidArgument desc = no user name provided
[  439.389639] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Scheduled restart job, restart counter is at 5.
[  439.389757] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Start request repeated too quickly.
[  439.389792] mySystem systemd[1]: snap.authd-msentraid.authd-msentraid.service: Failed with result 'exit-code'.
[  439.389806] mySystem systemd[1]: Failed to start snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  489.895655] mySystem systemd[1]: Stopping authd.service - Authd daemon service...
[  489.896918] mySystem systemd[1]: authd.service: Deactivated successfully.
[  489.897062] mySystem systemd[1]: Stopped authd.service - Authd daemon service.
[  489.911413] mySystem systemd[1]: Starting authd.service - Authd daemon service...
[  489.934294] mySystem systemd[1]: Started authd.service - Authd daemon service.
[  490.001280] mySystem systemd[1]: Started snap.authd-msentraid.authd-msentraid.service - Service for snap application authd-msentraid.authd-msentraid.
[  596.735224] mySystem authd[15983]: 2024/12/30 10:13:48 WARN rpc error: code = NotFound desc =
[  596.746576] mySystem authd[15983]: 2024/12/30 10:13:48 WARN rpc error: code = NotFound desc =
[  596.746846] mySystem gdm-authd][16078]: accountsservice: ActUserManager: user (null) has no username (uid: -1)
[  596.747102] mySystem authd[15983]: 2024/12/30 10:13:48 WARN rpc error: code = NotFound desc =
[  596.811812] mySystem authd[15983]: 2024/12/30 10:13:48 WARN rpc error: code = NotFound desc =
[  596.942673] mySystem authd[15983]: 2024/12/30 10:13:48 WARN rpc error: code = NotFound desc =
[  596.944400] mySystem authd[15983]: 2024/12/30 10:13:48 WARN rpc error: code = NotFound desc =
[  596.945251] mySystem authd[15983]: 2024/12/30 10:13:48 WARN rpc error: code = InvalidArgument desc = no user name provided
[  669.639209] mySystem authd[15983]: 2024/12/30 10:15:01 WARN rpc error: code = InvalidArgument desc = no user name provided
[  690.198915] mySystem gpasswd[16169]: user [email protected] added by root to group sudo
[  690.252362] mySystem gdm-authd][16078]: gkr-pam: no password is available for user
[  690.287014] mySystem gdm-authd][16078]: accountsservice: act_user_set_session: assertion 'ACCOUNTS_IS_USER (user->accounts_proxy)' failed
[  690.292177] mySystem authd[15983]: 2024/12/30 10:15:22 WARN rpc error: code = InvalidArgument desc = no user name provided
[  690.317083] mySystem gdm-authd][16078]: pam_intune(gdm-authd:session): No authtok available; password policies will fail: Keine modulspezifischen Daten vorhanden
[  690.318269] mySystem gdm-authd][16078]: pam_unix(gdm-authd:session): session opened for user [email protected](uid=1234567890) by [email protected](uid=0)
[  690.421584] mySystem authd[15983]: 2024/12/30 10:15:22 WARN rpc error: code = InvalidArgument desc = no user name provided
[  690.657928] mySystem gdm-authd][16078]: gkr-pam: couldn't unlock the login keyring.
[  759.195294] mySystem authd[15983]: 2024/12/30 10:16:31 WARN rpc error: code = NotFound desc =
[  761.274862] mySystem authd[15983]: 2024/12/30 10:16:33 WARN rpc error: code = NotFound desc =
[  789.671628] mySystem authd[15983]: 2024/12/30 10:17:01 WARN rpc error: code = InvalidArgument desc = no user name provided

authd broker configuration

/etc/authd/brokers.d/msentraid.conf

# This section is used by authd to identify and communicate with the broker.
# It should not be edited.
[authd]
name = Microsoft Entra ID
brand_icon = /snap/authd-msentraid/current/broker_icon.png
dbus_name = com.ubuntu.authd.MSEntraID
dbus_object = /com/ubuntu/authd/MSEntraID

authd-msentraid configuration

[oidc]
issuer = https://login.microsoftonline.com/<UUID redacted>/v2.0
client_id = <UUID redacted>
# Client secret is needed for some specific auth flows depending on the provider.
# Only enable it if this is needed for your particular configuration.
# client_secret = <CLIENT_SECRET>

[users]
# The directory where the home directory will be created for new users.
# Existing users will keep their current directory.
# The user home directory will be created in the format of {home_base_dir}/{username}
# home_base_dir = /home

# The username suffixes that are allowed to login via ssh without existing previously in the system.
# The suffixes must be separated by commas.
# ssh_allowed_suffixes = @example.com,@anotherexample.com

Double check your logs

  • I have redacted any sensitive information from the logs

saltstack-admin added the bug label Dec 30, 2024