On (21/05/15 18:56), Dmitri Pal wrote: >On 05/21/2015 05:54 PM, John Williams wrote: >>I've got a freeIPA client where a user account cannot authenticate. >> >>The log entry for IPA looks like: >> >>audit/audit.log.4:type=USER_AUTH msg=audit(1425316592.375:38090): user >>pid=16485 uid=0 auid=4294967295 ses=4294967295 >>subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication >>acct="aswanda" exe="/usr/sbin/sshd" hostname=172.31.0.162 addr=172.31.0.162 >>terminal=ssh res=failed' >> >>When I try to sudo to the user account, I get the following error: >> >>[root@myhost ~]# sudo su - testuser >>su: user testuser does not exist >> >>However, all that works for my account. >> >>Please help. Thanks in advance. >> >> >> >What do you use on the client? SSSD? >What is the OS version? >What SSSD logs show? > For sssd related issues see https://fedorahosted.org/sssd/wiki/Troubleshooting
Firstly, ensure you can get user information (getent passwd user) Secondly, troubleshoot authentication and access control. LS -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
