Jakub, you might be onto something. Sep 14 18:11:08 pentl01.ipa.example.com ns-slapd: pam_sss(system-auth:auth): authentication failure; logname= uid=389 euid=389 tty= ruser= rhost= [email protected] Sep 14 18:11:08 pentl01.ipa.example.com ns-slapd: pam_sss(system-auth:auth): received for user [email protected]: 7 (Authentication failure)
Would this mean that I need an HBAC policy allowing specific/all users system-auth against the IPA servers? Or what would you suggest? It does seem a little overkill if I did that. Unless there's a better way. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
