I ran into a strange problem today: I reset a user password in the GUI
to "Test1234" for testing but when I tried to login as that user and
enter the password, I got an authentication error. Does anyone know why
this might be occurring or how I can debug it?
Here are some additional details:
* OS: CentOS 6.2
* FreeIPA: 2.1.3
Here are the steps I went through:
1. I log into the server as "A".
2. I run "kinit admin
3. I add a user "B" with password: "F00bar5pam!"
4. I verify that the user exists https://localhost
5. I reset the password in the web interface to "Test1234" (yeah, I
know, completely lame)
6. The GUI tells me that it reset.
7. I then try "ssh B@some-host" using the "Test1234" and get
permission denied. That is odd, it may indicate an HBAC error.
8. So I try "su - B" with password "Test1234" and get "su:
9. Now I am stumped so I look /var/log/secure and see these
Jun 29 17:53:11 cuthbert su: pam_sss(su-l:auth): authentication failure;
logname=A uid=500 euid=0 tty=pts/1 ruser=A rhost= user=B
Jun 29 17:53:11 cuthbert su: pam_sss(su-l:auth): received for B: 4
10. I didn't see anything strange in
11. I didn't see anything strange in
12. I didn't see any SELinux errors in /var/log/audit/audit.log
13. I didn't see anything suspicious in /var/log/krb5kdc.log
14. In /var/log/pki-ca/debug there was some stuff about no sessions
have been created but I am not sure whether that has anything to do with
What is system error 4 (step #9)? Is that the source of the problem?
Any help would be greatly appreciated.
Freeipa-users mailing list