On Fri, Dec 07, 2012 at 09:33:22AM -0500, Rob Crittenden wrote:
> Albert Adams wrote:
> >There are no HBAC rules defined other than the default "allow_all" rule
> >which has not been customized. It is a vanilla instal at this point. I
> >have not added anything other than the replica, a few clients, one user
> >group and the users to the system.
> Ok. I would update the sssd debug level and restart it, then try the
> login again. On system2 are you able to use nss tools to identify
> IPA users (id, getent, etc)?
Please also check out /var/log/secure. Is pam_sss mentioned at all? What
are the messages coming from pam_sss ?
Freeipa-users mailing list