Hi, only few user are able to login. ipa ad-trust setup.
========================== Jan 6 10:48:36 ilt-gif-ipa02 sshd[22490]: reverse mapping checking getaddrinfo for ilp-noatun.man.cosng.net [146.213.128.135] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 6 10:48:48 ilt-gif-ipa02 sshd[22490]: Invalid user et33015 from 146.213.128.135 Jan 6 10:48:48 ilt-gif-ipa02 sshd[22490]: input_userauth_request: invalid user et33015 [preauth] Jan 6 10:48:48 ilt-gif-ipa02 sshd[22490]: error: PAM: User not known to the underlying authentication module for illegal user et33015 from x.x.x.x Jan 6 10:48:48 ilt-gif-ipa02 sshd[22490]: Failed keyboard-interactive/pam for invalid user et33015 from x.x.x.x port 51270 ssh2 Jan 6 10:48:56 ilt-gif-ipa02 sshd[22490]: Failed password for invalid user et33015 from 146.213.128.135 port 51270 ssh2 Jan 6 10:49:00 ilt-gif-ipa02 sshd[22490]: Failed password for invalid user et33015 from 146.213.128.135 port 51270 ssh2 Jan 6 10:49:02 ilt-gif-ipa02 sshd[22490]: Failed password for invalid user et33015 from 146.213.128.135 port 51270 ssh2 Jan 6 10:49:32 ilt-gif-ipa02 sshd[22490]: Connection closed by x.x.x.x [preauth] ============================ ==================== (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [get_server_status] (0x1000): Status of server 'ilt-gif-ipa01.ipa.preprod.local' is 'working' (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [get_port_status] (0x1000): Port status of port 0 for server 'ilt-gif-ipa01.ipa.preprod.local' is 'not working' (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [fo_resolve_service_send] (0x0020): No available servers for service 'IPA' (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [be_resolve_server_done] (0x1000): Server resolution failed: [5]: Input/output error (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Input/output error]) (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [be_mark_offline] (0x2000): Going offline! (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [be_mark_offline] (0x2000): Initialize check_if_online_ptask. (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [be_ptask_create] (0x0400): Periodic task [Check if online (periodic)] was created (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [be_ptask_schedule] (0x0400): Task [Check if online (periodic)]: scheduling task 72 seconds from now [1483696200] (Fri Jan 6 10:48:48 2017) [sssd[be[ipa.preprod.local]]] [be_run_offline_cb] (0x0080): Going offline. Running callbacks i am able to getent and kinit for all of the AD user. but most of the user are not able to login via ssh /ad-password getent passwd et33015 et33...@corp.corpcommon.com:*:1007629326:1007629326:Th Sub:/home/et33015: and kinit et33...@corp.corpcommon.com -- *Rajat Gupta*
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project