On Thu, May 05, 2016 at 08:13:00PM +0530, Rakesh Rajasekharan wrote:
> (Thu May 5 14:35:49 2016) [[sssd[krb5_child[32281 [get_and_save_tgt]
> (0x0020): 1000: [-1765328353][Decrypt integrity check failed]
> (Thu May 5 14:35:49 2016) [[sssd[krb5_child[32281 [map_krb5_error]
> (0x0020): 1069
>>Actually, it should be 1777
> sh$ ls -ld /tmp/
> drwxrwxrwt. 11 root root 260 Feb 19 10:27 /tmp/
^
> This is important.>
yes, I have now corrected them... Thanks...
On Fri, Feb 19, 2016 at 2:59 PM, Lukas Slebodnik
wrote:
> On (19/02/16 14:54), Rakesh Rajasekharan wrote:
> >>
On (19/02/16 14:54), Rakesh Rajasekharan wrote:
>>
>>This usually mean critical error in sssd.
>> Please provide log files (sssd_$domain.log and krb5_child.log)
>
>I found this in my sssd-$domain.log
>
> [krb5_auth_prepare_ccache_name] (0x1000): No ccache fil
>
>This usually mean critical error in sssd.
> Please provide log files (sssd_$domain.log and krb5_child.log)
I found this in my sssd-$domain.log
[krb5_auth_prepare_ccache_name] (0x1000): No ccache file for user
[tempuser] found
so searching around I foun
On (18/02/16 18:41), Rakesh Rajasekharan wrote:
>I set up freeipa on our environment and its works perfectly for most of the
>hosts.. but on few I am getting a permission denied.
>
>[root@ipa-client-1c :~] ssh tempuser@localhost
>tempuser@localhost's password:
>Permission denied, please try again.
The permission for /etc/krb5.conf was already set to 644. So, that aspect
looks fine..
I think it might be something to do with the pam settings.
here is my sssd.conf
[root@ipa-client :/etc/sssd] cat sssd.con
[domain/xyz.com]
krb5_auth_timeout = 30
cache_credentials = True
krb5_store_password_i
On 02/18/2016 02:11 PM, Rakesh Rajasekharan wrote:
> I set up freeipa on our environment and its works perfectly for most of the
> hosts.. but on few I am getting a permission denied.
>
> [root@ipa-client-1c :~] ssh tempuser@localhost
> tempuser@localhost's password:
> Permission denied, please tr
I set up freeipa on our environment and its works perfectly for most of the
hosts.. but on few I am getting a permission denied.
[root@ipa-client-1c :~] ssh tempuser@localhost
tempuser@localhost's password:
Permission denied, please try again.
tempuser@localhost's password:
I checked the hbac,