We are running FreeIPA 4.4 on Centos 7 and trying to use radius

Using radtest and radclient work fine and we can authenticate a user.

The radius proxy and secret are set to match the values from radclient.
The user has the radius check box checked and the other two fields set to
appropriate values. hbactest shows that the user has permission for any

When I do " su -l rsa-user", I'm requested for the first and second
factors.  After I enter them, I get "su: Authentication failure".  Using a
non-radius user works fine.

The sssd_pam log has

[sssd[pam]] [pam_dp_process_reply] (0x0200): received: [17 (Failure setting
user credentials)][idm.bbn.com]
[sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [17]:
Failure setting user credentials.

Unchecking the radius checkbox and the account works fine.

Any ideas what to try or look at next?
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to