Jakub, you might be onto something. Sep 14 18:11:08 pentl01.ipa.example.com ns-slapd: pam_sss(system-auth:auth): authentication failure; logname= uid=389 euid=389 tty= ruser= rhost= user=louis.a...@ad.example.com Sep 14 18:11:08 pentl01.ipa.example.com ns-slapd: pam_sss(system-auth:auth): received for user louis.a...@ad.example.com: 7 (Authentication failure)
Would this mean that I need an HBAC policy allowing specific/all users system-auth against the IPA servers? Or what would you suggest? It does seem a little overkill if I did that. Unless there's a better way. _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
