On (05/12/16 14:44), supertwist...@gmail.com wrote: >I'm trying to connect my server to a LDAP server. I get a correct answer after >using *id* and *ldapsearch* commands. However, i still not able to login with >SSH. > It would be good to move discussion to sssd-users mailing list.
>(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): >command: SSS_PAM_AUTHENTICATE >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): domain: >LDAP >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): user: >myuser >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): >service: sshd >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): tty: ssh >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): ruser: >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): rhost: >192.118.68.5 >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): authtok >type: 0 >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): >newauthtok type: 0 >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): priv: 1 >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): >cli_pid: 2208 >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [pam_print_data] (0x0100): logon >name: not set >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [be_pam_handler_callback] >(0x0100): Backend returned: (0, 7, <NULL>) [Success (Authentication failure)] >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [be_pam_handler_callback] >(0x0100): Sending result [7][LDAP] >(Mon Dec 5 12:39:48 2016) [sssd[be[LDAP]]] [be_pam_handler_callback] >(0x0100): Sent result [7][LDAP] > I think the log is crystal clear. "Authentication failure". It might be a wrong password; or denial due to password policy or something else. It's hard to say without more info. I would recommend to follow troubleshooting wiki page https://fedorahosted.org/sssd/wiki/Troubleshooting#TroubleshootingAuthenticationPasswordChangeandAccessControl It would be good if you could move discussion to sssd-users mailing list. Thank you in advance for understanding. LS _______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org