On Fri, Dec 07, 2012 at 09:33:22AM -0500, Rob Crittenden wrote: > Albert Adams wrote: > >Rob, > >There are no HBAC rules defined other than the default "allow_all" rule > >which has not been customized. It is a vanilla instal at this point. I > >have not added anything other than the replica, a few clients, one user > >group and the users to the system. > > Ok. I would update the sssd debug level and restart it, then try the > login again. On system2 are you able to use nss tools to identify > IPA users (id, getent, etc)? > > rob >
Please also check out /var/log/secure. Is pam_sss mentioned at all? What are the messages coming from pam_sss ? _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users