So yesterday we upgrade our older IPA 3.x servers (RHEL 6.8) to the latest
and greatest (RHEL 6.9) and it seemed to be working as expected.   Came in
the next day and older IPA 4.2 server (RHEL 7.2) was having issues so
thought it would be a good time patch it up to the latest (IPA 4.4 and RHEL
7.3) seemed okay after it came back up but after a little while hosts
configured to use IPA  stopped allowing access via ssh.

I can explicitly put in sssd.conf to use the patched up 4.4 server and I
seem to be able to log in via ssh but when a server is pointing to one of
the 3.x servers it just gives me an access denied.   The strange part is
some accounts (like my test account) can log in to some servers via ssh and
can even sudo to root where available regardless of which IPA server the
host is using.

Any help would be appreciated because I'm stumped on this one.   Just let
me know what logs would be helpful in troubleshooting.


John Bowman
FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to