Re: [Freeipa-users] User Can't Authenticate
On (21/05/15 18:56), Dmitri Pal wrote: On 05/21/2015 05:54 PM, John Williams wrote: I've got a freeIPA client where a user account cannot authenticate. The log entry for IPA looks like: audit/audit.log.4:type=USER_AUTH msg=audit(1425316592.375:38090): user pid=16485 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=aswanda exe=/usr/sbin/sshd hostname=172.31.0.162 addr=172.31.0.162 terminal=ssh res=failed' When I try to sudo to the user account, I get the following error: [root@myhost ~]# sudo su - testuser su: user testuser does not exist However, all that works for my account. Please help. Thanks in advance. What do you use on the client? SSSD? What is the OS version? What SSSD logs show? For sssd related issues see https://fedorahosted.org/sssd/wiki/Troubleshooting Firstly, ensure you can get user information (getent passwd user) Secondly, troubleshoot authentication and access control. LS -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] User Can't Authenticate
I've got a freeIPA client where a user account cannot authenticate. The log entry for IPA looks like: audit/audit.log.4:type=USER_AUTH msg=audit(1425316592.375:38090): user pid=16485 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=aswanda exe=/usr/sbin/sshd hostname=172.31.0.162 addr=172.31.0.162 terminal=ssh res=failed' When I try to sudo to the user account, I get the following error: [root@myhost ~]# sudo su - testusersu: user testuser does not exist However, all that works for my account. Please help. Thanks in advance. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] User Can't Authenticate
On 05/21/2015 05:54 PM, John Williams wrote: I've got a freeIPA client where a user account cannot authenticate. The log entry for IPA looks like: audit/audit.log.4:type=USER_AUTH msg=audit(1425316592.375:38090): user pid=16485 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct=aswanda exe=/usr/sbin/sshd hostname=172.31.0.162 addr=172.31.0.162 terminal=ssh res=failed' When I try to sudo to the user account, I get the following error: [root@myhost ~]# sudo su - testuser su: user testuser does not exist However, all that works for my account. Please help. Thanks in advance. What do you use on the client? SSSD? What is the OS version? What SSSD logs show? -- Thank you, Dmitri Pal Director of Engineering for IdM portfolio Red Hat, Inc. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project