On (10/10/17 12:47), Alka Murali via FreeIPA-users wrote: >Hello Team, > >I have integrated my Ubuntu/Debian and CentOS Servers as IPA Clients to my >FreeIPA Server. The custom sudo rule added by me also works for the users >assigned to the rule. > >The first login attempt as well as sudo access works fine. However if the >user logins later or after few days, the sudo user is not recognised and >inturn the user is getting locked out of the server. I have tested this and >can see that even though there is no failed attempt by the user on the >server, pam_sss is giving access_denied error message which intunrs blocks >the user for ever. > >Is there any sort of pam settings that needs to be applied? > I would recommend to check following pages: https://docs.pagure.org/SSSD.sssd/users/troubleshooting.html https://docs.pagure.org/SSSD.sssd/users/sudo_troubleshooting.html I'm soory but it is not possible to help without more details.
It is impossible it is a bug so you can test with never version of sssd 1.15.x otherwise please file a bug https://docs.pagure.org/SSSD.sssd/users/reporting_bugs.html LS _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org