OK...Problem is solved ! It works !! I've switched to KDE as displaymanager and as desktop(as I figured it didn't make sense to run GDM as displaymanager and KDE as desktop) and rebooted the system. At first, when I tried to login, it didn't work, as sssd daemon didn't run. After restarting it, it worked !
cheers and thanks a lot for helping me through the PAM-swamp ! Andy 2011/1/28 Stephen Gallagher <sgall...@redhat.com> > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/28/2011 09:23 AM, Andy Kannberg wrote: > > Hi Stephen, > > > > errors are getting fewer, but still the same problem: > > > > Jan 28 15:09:45 hpdw0001 gdm[3744]: pam_unix(gdm:auth): check pass; user > > unknown > > Jan 28 15:09:45 hpdw0001 gdm[3744]: pam_unix(gdm:auth): authentication > > failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= > > Jan 28 15:09:45 hpdw0001 gdm[3744]: pam_succeed_if(gdm:auth): error > > retrieving information about user nxp21358 > > > > > > system-auth now looks like : > > > > #%PAM-1.0 > > # This file is auto-generated. > > # User changes will be destroyed the next time authconfig is run. > > auth required pam_env.so > > auth sufficient pam_unix.so likeauth nullok > > auth requisite pam_succeed_if.so uid >= 500 quiet > > auth sufficient pam_sss.so use_first_pass > > auth required pam_deny.so > > > > account required pam_unix.so broken_shadow > > account sufficient pam_localuser.so > > account sufficient pam_succeed_if.so uid < 500 quiet > > account [default=bad success=ok user_unknown=ignore] pam_sss.so > > account required pam_permit.so > > #account required pam_access.so > > accessfile=/etc/security/access.netgroup.conf > > > > password requisite pam_cracklib.so try_first_pass retry=3 > > password sufficient pam_unix.so nullok use_authtok md5 shadow > > password sufficient pam_sss.so use_authtok > > password required pam_deny.so > > > > #session required pam_limits.so > > session required pam_unix.so > > session required pam_keyinit.so revoke > > session optional pam_sss.so > > > > > > Sorry, I didn't realize before that you were using gdm, not kdm. GDM > also requires that you make the same changes you made to system-auth > into password-auth. (It's a long story, but it has to do with GDM's > parallel PAM stack solution to multiple authentication methods) > > > - -- > Stephen Gallagher > RHCE 804006346421761 > > Delivering value year after year. > Red Hat ranks #1 in value among software vendors. > http://www.redhat.com/promo/vendor/ > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk1C3KcACgkQeiVVYja6o6PEygCeP06ucGluHktONkl0x/tDmge3 > ozAAn0/amqV84rSqla/if+iEYpA2AEVn > =/Ccf > -----END PGP SIGNATURE----- > _______________________________________________ > sssd-devel mailing list > sssd-devel@lists.fedorahosted.org > https://fedorahosted.org/mailman/listinfo/sssd-devel >
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
