On Thu, Jul 26, 2012 at 09:12:35PM +0000, Steven Jones wrote: > Yes, > > So, I reset the password and that failed, so I added the user to my desktop > group logged in to my desktop with ssh localhost and set the password, then I > could log into the client fine. Other users had no problem logging in via > the HBAC rule.... > > This sort of behaviour is usually a pre-cursor to the replication totally > failing, on average it lasts about 2 weeks.... > > :(
I'm sorry about the trouble but without more information it's hard for me to debug the problem. If you get hit by the problem in the future, can you: - test the HBAC rule with the "ipa hbactest" command - attach or paste the last couple of lines from the /var/log/secure file - attach or paste the relevant contents of /var/log/sssd/sssd_pam.log and /var/log/sssd/sssd_$domain.log That should be enough info for us to start looking in the right direction. Thank you! _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users