[Freeipa-users] Re: Could not login with AD user

2022-07-20 Thread Ben Aveling via FreeIPA-users
> sshd[24003]: error: PAM: User not known to the underlying authentication > module for illegal user I've occasionally had a similar problem. The most recent time, it was only ssh that couldn't find the user. 'id user' worked, 'su user' worked, 'kinit user' worked. Only 'ssh user@host'

[Freeipa-users] Re: Could not login with AD user

2019-11-08 Thread Alexander Bokovoy via FreeIPA-users
On Fri, 08 Nov 2019, Ronald Wimmer via FreeIPA-users wrote: On 08.11.19 11:08, Alexander Bokovoy via FreeIPA-users wrote: [...] Are these assumptions true: - ipaA became a trust controller by issuing the "ipa trust-add" command - ipaB will have to be configured as trust agent Correct. By

[Freeipa-users] Re: Could not login with AD user

2019-11-08 Thread Ronald Wimmer via FreeIPA-users
On 08.11.19 11:08, Alexander Bokovoy via FreeIPA-users wrote: [...] Are these assumptions true: - ipaA became a trust controller by issuing the "ipa trust-add" command - ipaB will have to be configured as trust agent Correct. By running ipa-adtrust-install --add-agents on ipaA, you can add

[Freeipa-users] Re: Could not login with AD user

2019-11-08 Thread Alexander Bokovoy via FreeIPA-users
On Fri, 08 Nov 2019, Ronald Wimmer via FreeIPA-users wrote: I think I know where to take a closer look. I have 2 IPA servers, let's call them ipaA and ipaB. On ipaA everything works without any problems. On ipaB I cannot resolve AD users. The "ipa trust-add" command has only been issued

[Freeipa-users] Re: Could not login with AD user

2019-11-08 Thread Ronald Wimmer via FreeIPA-users
I think I know where to take a closer look. I have 2 IPA servers, let's call them ipaA and ipaB. On ipaA everything works without any problems. On ipaB I cannot resolve AD users. The "ipa trust-add" command has only been issued on ipaA. Some time ago I read about trust controllers and trust

[Freeipa-users] Re: Could not login with AD user

2019-11-08 Thread Ronald Wimmer via FreeIPA-users
On 08.11.19 10:15, Sumit Bose via FreeIPA-users wrote: On Fri, Nov 08, 2019 at 10:04:41AM +0100, Ronald Wimmer via FreeIPA-users wrote: It seems that this was a coincidence... sometimes AD users are found but most of the time they are not: [root@ipaclient sssd]# id us...@bau.mydomain.at id:

[Freeipa-users] Re: Could not login with AD user

2019-11-08 Thread Sumit Bose via FreeIPA-users
On Fri, Nov 08, 2019 at 10:04:41AM +0100, Ronald Wimmer via FreeIPA-users wrote: > It seems that this was a coincidence... sometimes AD users are found but > most of the time they are not: > > [root@ipaclient sssd]# id us...@bau.mydomain.at > id: us...@bau.mydomain.at: No such user >

[Freeipa-users] Re: Could not login with AD user

2019-11-08 Thread Ronald Wimmer via FreeIPA-users
It seems that this was a coincidence... sometimes AD users are found but most of the time they are not: [root@ipaclient sssd]# id us...@bau.mydomain.at id: us...@bau.mydomain.at: No such user [root@ipaclient sssd]# id us...@bau.mydomain.at id: us...@bau.mydomain.at: No such user Where do I

[Freeipa-users] Re: Could not login with AD user

2019-11-07 Thread Ronald Wimmer via FreeIPA-users
Simply increasing the krb5_auth_timeout in the client's sssd.conf did the trick. Thanks for the good troubleshooting guide at https://docs.pagure.org/SSSD.sssd/users/troubleshooting.html Cheers, Ronald

[Freeipa-users] Re: Could not login with AD user

2019-11-07 Thread Ronald Wimmer via FreeIPA-users
On one of the IPA servers themselves a getent passwd myadu...@bau.mydomain.at is working. On the system where I cannot login with this user I do not get a result. What do I have to look for in which sssd log file in order to find out what the problem is? Cheers, Ronald

[Freeipa-users] Re: Could not login with AD user

2019-11-06 Thread Ronald Wimmer via FreeIPA-users
The only log entries that appear when a different user tries it do appear in /var/log/secure: Nov  6 10:33:19 ws102317180 sshd[24003]: Invalid user an_ad_u...@bau.mydomain.at from 10.16.11.218 port 60646 Nov  6 10:33:19 ws102317180 sshd[24003]: input_userauth_request: invalid user

[Freeipa-users] Re: Could not login with AD user

2019-11-06 Thread Ronald Wimmer via FreeIPA-users
On 06.11.19 08:08, Sumit Bose via FreeIPA-users wrote: On Wed, Nov 06, 2019 at 12:20:21AM +0100, Ronald Wimmer via FreeIPA-users wrote: Today I was not able to log in with an AD user to an IPA client within a test setup. IPA users worked fine. DNS is managed externally. I figured out that the

[Freeipa-users] Re: Could not login with AD user

2019-11-05 Thread Sumit Bose via FreeIPA-users
On Wed, Nov 06, 2019 at 12:20:21AM +0100, Ronald Wimmer via FreeIPA-users wrote: > Today I was not able to log in with an AD user to an IPA client within a > test setup. IPA users worked fine. > > DNS is managed externally. I figured out that the DNS-Record of that > particular IPA client has not