Thank you again for assisting. I did a little more digging myself and realized 
something wrong about my /etc/pam.d/system-auth and /etc/pam.d/password-auth 
files. The auth line for pam_sss.so had both use_first_pass and forward_pass. 
It seems to me that these counter each other in some way. Once I took off 
use_first_pass, password logins to the domain controllers and to my solaris 11 
clients are working. I'm no longer getting an error 7, I'm instead getting 
successes in /var/log/secure.

Only issue now is it seems my pam configuration on Solaris must be incorrect or 
there is a major bug - while the password works, I cannot open a session. 
Trying to su into an account while on the system as root gives me some 
assertion error and then aborted. The login with user@domain works (which is 
not what I want to use). 

Solaris 10 on the other hand gives me "no legal authentication methods". Might 
be a pam/nsswitch misconfiguration. I'll report back if I figure it out. 
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to