On Mon, Jun 3, 2013 at 12:38 AM, Ryan Cunningham <ryan.cunningham.xy...@gmail.com> wrote: > >> What I see is: >> >> fatal: Access denied for user admin by PAM account configuration >> >> What about disabling selinux? > > > Whoops, I probably should have caught these myself. > > Disabling SELinux fixed one of the hosts. I didn't even look at it because I > believed that I had disabled it previously. > > The other problem host didn't have SELinux enabled but was missing the > /etc/selinux/targeted directory structure and was dropping an error: > > [sssd[pam]] [write_selinux_login_file] (0x0040): creating the temp file for > SELinux data failed. /etc/selinux/targeted/logins/adminnik1F1(Sun Jun 2 > 18:01:44 2013) [sssd[pam]] [pam_reply] (0x0100): blen: 25 > > Everything's working fine now -- thanks for looking at those logs.
glad it helped, but it should also work with selinux enabled. Could you try running restorecon -rv on /etc and /home at least, re-enabling selinux and logging in again? For me and many others, it works and it really is the new 'best practices' to have it on ;-) -- groet, natxo _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users