I set up my freeIPA instance and it works very well for my client
computers (Ubuntu Desktop 16.04.2 LTS), I can login via SSH using a
freeIPA managed user account.
My own HBAC rule also works for that. I disabled the "allow all" rule
and created my own one. Works fine for SSH.
But I cannot login to the GNOME 3 Desktop on the client. I used the
netinstall ISO image of Ubuntu. During installation, I have chose
"Ubuntu GNOME Desktop" as the only desktop.
So my display manager is gdm3.
I added the "gdm" and "gdm-password" services to my HBAC rule. To be on
the safe side, I rebooted the client machine. But I still can't login to
the GNOME Desktop with an account that can login via SSH.
So the services in my rule are
login, gdm, gdm-password
If you need any logs or other information, I will provide them.
Thanks in advance!
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project