On (14/02/17 13:00), Nuno Higgs wrote:
>I have a LXC container running Centos7, fully patched that i can't login
>into in a standard IPA usage configuration:
>Feb 13 19:42:07 lxc1 sshd: pam_sss(sshd:account): Access denied for
>user nuno 4 (System error)
System error means unexpected state for sssd.
I would recommend to follow sssd troubleshooting wiki
>Feb 13 19:42:07 lxc1 sshd: Failed password for nuno from 172.16.0.10
>port 54461 ssh2
>Feb 13 19:42:07 lxc1 sshd: fatal: Access denied for user nuno by PAM
>account configuration [preauth]
>Feb 13 19:43:42 lxc1 sshd: Connection closed by 172.16.3.253 [preauth]
>Feb 13 19:53:04 lxc1 sshd: pam_sss(sshd:auth): authentication success;
>logname= uid=0 euid=0 tty=ssh ruser= rhost=172.16.3.253 user=nuno
>Feb 13 19:53:04 lxc1 sshd: error: PAM: User account has expired for
>nuno from 172.16.3.253
This error is little bit later but I think it is clear enough.
The account is expired.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project