On 10/10/2017 12:47 AM, Alka Murali via FreeIPA-users wrote:
Hello Team,

I have integrated my Ubuntu/Debian and CentOS Servers as IPA Clients to my FreeIPA Server. The custom sudo rule added by me also works for the users assigned to the rule.

The first login attempt as well as sudo access works fine. However if the user logins later or after few days, the sudo user is not recognised and inturn the user is getting locked out of the server. I have tested this and can see that even though there is no failed attempt by the user on the server, pam_sss is giving access_denied error message which intunrs blocks the user for ever.

Is there any sort of pam settings that needs to be applied?

I saw a similar issue, but all our servers are CentOS and required an update of sudo to fix.

Mark Haney
Network Engineer at NeoNova
919-460-3330 option 1
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to