On Fri, Oct 5, 2012 at 10:03 AM, Dmitri Pal <d...@redhat.com> wrote:
> On 10/05/2012 12:16 PM, Stephen Ingram wrote:
>> As I typically have saslauthd use kerberos to authenticate users I
>> really haven't had the occasion to try before. Since freeipa machines
>> use SSSD to help manage users on the system, I thought that saslauthd
>> should be able to authenticate users against PAM as well. Unless I
>> have somehow misconfigured, this seems not to be the case as each time
>> I get:
>>
>> saslauthd[7342] :do_auth         : auth failure: [user=nancy]
>> [service=smtp] [realm=] [mech=pam] [reason=PAM acct error]
>>
>> According to the logs on the freeipa machine, the auth is correct and
>> the ticket is issued. Is there some additional client configuration
>> required to make this work since SSSD now involved?
> This seems relevant:
> http://www.howtoforge.com/forums/showthread.php?t=24538

Thanks. Just to follow up, it does work out of the box. I neglected to
tell IPA HBAC to let me on that host. Needless to say, if you are
going to use IPA, you need to use IPA **correctly**!

Steve

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to