OK. I understand.
Thank You for an answer.
2015-05-12 9:39 GMT+02:00 Jan Pazdziora :
> On Mon, May 11, 2015 at 08:52:08PM +0200, Vangass wrote:
> > OK. But the answer granted/declined comes from IPA. So why IPA doesn't
> > check its own HBAC rules at all?
> > Maybe the line 'account require
On Mon, May 11, 2015 at 08:52:08PM +0200, Vangass wrote:
> OK. But the answer granted/declined comes from IPA. So why IPA doesn't
> check its own HBAC rules at all?
> Maybe the line 'account required pam_sss.so' isn't
> necessary/required. I just want to do authentication by IPA HBAC rule
On Mon, 11 May 2015, Vangass wrote:
OK. But the answer granted/declined comes from IPA. So why IPA doesn't
check its own HBAC rules at all?
Maybe the line 'account required pam_sss.so' isn't
necessary/required. I just want to do authentication by IPA HBAC rules.
Authentication and acco
OK. But the answer granted/declined comes from IPA. So why IPA doesn't
check its own HBAC rules at all?
Maybe the line 'account required pam_sss.so' isn't
necessary/required. I just want to do authentication by IPA HBAC rules.
Thanks,
Bartek.
2015-05-11 17:22 GMT+02:00 Sumit Bose :
> O
On Mon, May 11, 2015 at 05:15:31PM +0200, Sumit Bose wrote:
> On Mon, May 11, 2015 at 04:47:01PM +0200, Lukas Slebodnik wrote:
> > On (11/05/15 14:57), Vangass wrote:
> > >Hi,
> > >
> > >I try to access Cisco switch via ssh. Cisco has tacacs login configured.
> > >
> > ># tail /var/log/secure
> > >
On Mon, May 11, 2015 at 04:47:01PM +0200, Lukas Slebodnik wrote:
> On (11/05/15 14:57), Vangass wrote:
> >Hi,
> >
> >I try to access Cisco switch via ssh. Cisco has tacacs login configured.
> >
> ># tail /var/log/secure
> >May 11 14:18:46 freeipa tac_plus[29096]: pam_sss(tac_plus:auth):
> >authenti
On (11/05/15 14:57), Vangass wrote:
>Hi,
>
>I try to access Cisco switch via ssh. Cisco has tacacs login configured.
>
># tail /var/log/secure
>May 11 14:18:46 freeipa tac_plus[29096]: pam_sss(tac_plus:auth):
>authentication success; logname=bartosz uid=0 euid=0 tty= ruser= rhost=
>user=bartosz
>Ma
Hi,
I try to access Cisco switch via ssh. Cisco has tacacs login configured.
# tail /var/log/secure
May 11 14:18:46 freeipa tac_plus[29096]: pam_sss(tac_plus:auth):
authentication success; logname=bartosz uid=0 euid=0 tty= ruser= rhost=
user=bartosz
May 11 14:18:53 freeipa tac_plus[29096]: pam_ss
On Mon, May 11, 2015 at 01:57:38PM +0200, Jakub Hrozek wrote:
> On Mon, May 11, 2015 at 01:19:01PM +0200, Vangass wrote:
> > Hello,
> >
> > I have a problem with HBAC rules with conjunction with PAM authentication.
> > What I try to do is to authenticate users: tac_plus - PAM (pam_sssd) -
> > Free
On Mon, May 11, 2015 at 01:19:01PM +0200, Vangass wrote:
> Hello,
>
> I have a problem with HBAC rules with conjunction with PAM authentication.
> What I try to do is to authenticate users: tac_plus - PAM (pam_sssd) -
> FreeIPA.
> It works just fine but without checking HBAC rules.
> What I did:
>
Hello,
I have a problem with HBAC rules with conjunction with PAM authentication.
What I try to do is to authenticate users: tac_plus - PAM (pam_sssd) -
FreeIPA.
It works just fine but without checking HBAC rules.
What I did:
- disabled allow_all rule
- created new rule with one user and one servi
11 matches
Mail list logo